The MASM Reference Manual says:
Quote
$
The current value of the location counter.
The "differences between 6.1 and 5.1" document says:
Quote
Current Address Operator with OPTION M510
In compatibility mode, the current address operator ($) applied to a structure
returns the offset of the first byte of the structure. When OPTION M510 is not
enabled, $ returns the offset of the current field in the structure.
No samples. :'(
What can you do with "$"?
How do you use it?
%echo $ [[anything]]
Yields nothing. :eek
Any feedback highly appreciated. :bg
By the way, is there something like an "All about MASM macros", unabridged edition? :green
What is the best source that tells you all the tricks and unconventional exploits?
$ returns the byte offset in the current segment (.data, .code, ...). It can be used for calculating the size of code/data or for jump instructions: jmp $+3.
Also, it can only be used in sums:
$ +/- someLabel or
someLabel +/- $ (except when it is used as an instruction operand: mov eax,$)
Here is an example:
    include \masm32\include\masm32rt.inc
    .code
    start:
        nop
        nop
        nop
        %echo current number of bytes in code section = @CatStr(%( $-start ))
        mov eax,$                       ; look at it in ollydbg
    @1: lea ecx,[ecx+123456789]
        %echo sizeof('lea ecx,[ecx+123456789]') = @CatStr(%($-@1))
        exit                            ; so the demo terminates cleanly when run
    .data
    mystr db "123456789",0
        %echo size of string = @CatStr(%( $-mystr ))
    end start
Quote from: Ficko on June 06, 2010, 06:10:52 PM
What is the best source that tells you all the tricks and unconventional exploits?
Other peoples code. e.g. macros.asm :P
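An added example, not code from this thread, that builds on qWord's description of $ as the byte offset in the current segment. The practical value of $ is that sizes derived from it are recomputed by the assembler every time the definition changes, so a buffer length or a table entry count can never drift from the data it describes. The block below uses $ for a string length, for a read limit that always leaves room for a terminator, and for a handler count that bounds an indirect call. It assumes the masm32 SDK under \masm32 (masm32rt.inc, print, str$, inkey, exit), as elsewhere in the thread; the handler names, the 64-byte buffer and the three sample indices are constructed for the demo.

```masm
include \masm32\include\masm32rt.inc

.data
    banner      db "dispatch demo, type a line:", 13, 10
    banner_len  equ $ - banner            ; byte count computed by the assembler

    inbuf       db 64 dup(?)
    inbuf_size  equ $ - inbuf             ; follows the dup count automatically

    ; handler table: the entry count comes from $, so adding a handler widens
    ; the accepted index range without touching the check in dispatch
    handlers    dd offset h_quit
                dd offset h_help
                dd offset h_echo
    handler_cnt equ ($ - handlers) / 4

.data?
    written     dd ?

.code
; three tiny leaf handlers; each just returns its number in eax
h_quit: mov  eax, 1
        ret
h_help: mov  eax, 2
        ret
h_echo: mov  eax, 3
        ret

; dispatch(idx): unsigned compare against handler_cnt, so anything outside
; 0..handler_cnt-1 (including "negative" values) returns 0 instead of
; fetching a pointer from beyond the end of the table
dispatch proc idx:DWORD
    mov  eax, idx
    cmp  eax, handler_cnt
    jae  bad_index
    call dword ptr [handlers + eax*4]
    ret
bad_index:
    xor  eax, eax
    ret
dispatch endp

start:
    invoke GetStdHandle, STD_OUTPUT_HANDLE
    invoke WriteFile, eax, offset banner, banner_len, offset written, NULL

    ; read at most inbuf_size-1 bytes so the terminating zero always fits
    invoke GetStdHandle, STD_INPUT_HANDLE
    invoke ReadFile, eax, offset inbuf, inbuf_size - 1, offset written, NULL
    mov  eax, written
    mov  byte ptr [inbuf + eax], 0
    print offset inbuf

    invoke dispatch, 2                    ; in range: prints 3
    print str$(eax), 13, 10
    invoke dispatch, handler_cnt          ; one past the end: prints 0
    print str$(eax), 13, 10
    invoke dispatch, 0FFFFFFFFh           ; "-1": rejected by jae, prints 0
    print str$(eax), 13, 10
    inkey
    exit
end start
```

Assemble and link it like any other masm32 console program. The point to take away is the pairing of `handlers`/`handler_cnt` and `inbuf`/`inbuf_size`: because both sizes are `$` expressions, the bounds check and the read limit are updated by the assembler whenever the table or buffer is edited, which is exactly where hand-maintained constants go stale.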
Thanks I would never figure that one out myself. :bg
One other question:
Is it possible to determine whether a string has already been defined (eliminating duplicates)?
Like
STR0001 db "String01",0
STR0002 db "String01",0
Check whether "String01" already exists. ::)
Quote from: Ficko on June 06, 2010, 07:08:39 PM
Check whether "String01" already exists.
    IFDEF STR0001 ;; if defined
    ...
    ENDIF
    IFNDEF STR0001 ;; if not defined
    ...
    ENDIF
Not quite what I meant. :toothy
That would be too simple.
I am creating strings on the fly, therefore I don't know what "STR0001" is assigned to.
I want to check that "String01" already exists so I do not need to create it again, just use STR0001. :wink
----------------------------------------------------------------------------
I am checking this "$" stuff.
There is something interesting:
    MySub Proc uses esi edi ebx Param01:DWORD
        LOCAL Var:DWORD
        xor eax, eax
        %echo size of locals = @CatStr(%( $-MySub))
        ret
    MySub endp
Works, but without "xor eax, eax" I am getting "0" on JWASM as well.
Hi:
$ is also known as the program counter, aka IP or RIP.
charlie equ $
Regards herge
Quote from: Ficko on June 06, 2010, 07:38:06 PM
I am creating strings on the fly, therefore I don't know what "STR0001" is assigned to.
I want to check that "String01" already exists so I do not need to create it again, just use STR0001. :wink
You want to check this at runtime or when assembling?
Quote from: Ficko on June 06, 2010, 07:38:06 PM
    MySub Proc uses esi edi ebx Param01:DWORD
        LOCAL Var:DWORD
        xor eax, eax
        %echo size of locals = @CatStr(%( $-MySub))
        ret
    MySub endp
Works, but without "xor eax, eax" I am getting "0" on JWASM as well.
The locals are allocated on the stack at runtime. You are printing the size of the proc's prologue plus the size of the xor instruction. However, I don't know why MASM returns 0 instead of the prologue's size when the xor is removed ... ::)
If you need the size of the locals, use the SIZEOF operator: @CatStr(%(SIZEOF Var1 + SIZEOF Var2 ...))
Quote from: qWord on June 06, 2010, 08:21:35 PM
...
The locals are allocated on stack at runtime. Your are printing the size of the proc's prologue plus the size of xor-instruction. However, I don't know why masm returns 0 instead of the prologues size when removing the xor ... ::)
...
I do not know how MASM or JWASM does it, but I can tell you how SOL_ASM does it. The prologue is generated only when the "first non-prologue" instruction is encountered. Hence without the "xor eax,eax" the prologue is not (yet) generated. Of course this is my "guess" ;).
Quote from: BogdanOntanu on June 06, 2010, 08:31:29 PM
The prologue is generated only when the "first non-prologue" instruction is encountered. Hence without the "xor eax,eax" the prologue is not (yet) generated. Of course this is my "guess" ;).
A quick test confirms your assumption: with RET the prologue and epilogue are created; without it no code is produced.
Quote
You want to check this at runtime or when assembling?
When assembling. I'd like to do something like BCC's -d switch does.
I found this through Google: -d Merge duplicate strings
Is this right?
If so, it isn't doable with MASM. It may be possible to write a macro that checks for duplicates.
Quote from: Ficko on June 06, 2010, 06:10:52 PM
What you can do with "$" ?
Inter alia, you can use it to overcome a known bug that causes ml.exe to hang for high dup counts:
lbl LABEL byte
ORG $+BufLen-1
db ?
Full example:
    include \masm32\include\masm32rt.inc
    makebuf MACRO var, BufLen
        LOCAL lbl
        .data?
        lbl LABEL byte
        ORG $+BufLen-1          ;; reserve BufLen-1 bytes without a dup count
        db ?                    ;; the last byte of the buffer
        .data
        var dd lbl              ;; define it in the data section
        .code
    ENDM
    .data?
    bytesread dd ?
    .code
    start:
        makebuf FatBuffer, 500000  ; try the same with a simple FatBuffer db 500000 dup(?)
        mov esi, FatBuffer
        invoke CreateFile, chr$("\masm32\include\windows.inc"), GENERIC_READ, FILE_SHARE_READ,
               NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0
        push eax
        invoke ReadFile, eax, esi, 500000, offset bytesread, 0
        call CloseHandle
        mov byte ptr [esi+200], 0
        MsgBox 0, esi, "WinInc, the first 200 bytes:", MB_OK
        exit
    end start
Quote from: qWord on June 06, 2010, 09:02:42 PM
If so, it isn't doable with MASM.
I know that. :bg
Quote
It may be possible to write an macro that checks for duplicates.
That's exactly I am looking for. :P
Quote
Inter alia, you can use it to overcome a known bug that causes ml.exe to hang for high dup counts:
Boh! :eek
Someone should write an E-Book.
I would be the first buyer. :green
That's what I did with it. :bg
(Zeroing local variables, taking into account how many GPRs were pushed.)
    include \masm32\include\masm32rt.inc
    ; ($-Subroutine) is the number of code bytes emitted so far in the proc:
    ; 6 for push ebp / mov ebp,esp / the 3-byte esp adjust, one per pushed
    ; register, plus the 2 bytes of the xor in front of the macro. Subtracting
    ; 8 leaves the number of pushed registers; *4 skips them to the lowest local.
    ZEROSUBVARS MACRO Subroutine:REQ
        lea eax, [esp+(($-Subroutine)-8)*4]   ; eax -> lowest local
        mov ecx, ebp
        sub ecx, eax                          ; ecx = size of the locals
        invoke RtlZeroMemory,eax,ecx
    ENDM
    ; ##########################################
    .code
    start:
        mov esi, 0FEFEFEFEh
        mov edi, 0FEFEFEFEh
        mov ebx, 0FEFEFEFEh
        call MySub
        exit                                  ; don't fall through into MySub again
    MySub Proc uses esi edi
        LOCAL Var01 :DWORD
        LOCAL Var02[10h]:BYTE
        xor eax, eax
        ZEROSUBVARS MySub
        xor ebx, ebx
        ret
    MySub endp
    end start
Quote from: Ficko on June 06, 2010, 09:39:08 PM
Quote
It may be possible to write a macro that checks for duplicates.
That's exactly what I am looking for. :P
Here is a macro that creates a given string in the data section after checking for duplicates.
Example:
    def_str lbl1,"bla"," ","abc",0
    def_str lbl2,"bla"," ","abc",0
    ...
    invoke MessageBox,0,OFFSET lbl1,OFFSET lbl2,0
The macro:
    def_str macro _label:req,str:VARARG
        LOCAL lbl
        IFNDEF ds_glb_cntr
            ds_glb_cntr = 0             ;; number of distinct strings so far
        ENDIF
        defs_cntr = 0
        defs_flag = 0
        REPEAT ds_glb_cntr              ;; scan the strings defined so far
            % IFIDNI <@CatStr(<defs_str_>,%defs_cntr)>,<&str>
                defs_flag = 1           ;; found: defs_cntr is its index
                EXITM
            ENDIF
            defs_cntr = defs_cntr + 1
        ENDM
        IF defs_flag
            ;; duplicate: alias the new label onto the existing string
            .data
            lbl LABEL BYTE
            org @CatStr(<defs_lbl_>,%defs_cntr)
            _label LABEL BYTE
            org lbl
            .code
        ELSE
            ;; new string: remember label and text, then define it
            @CatStr(<defs_lbl_>,%ds_glb_cntr) TEXTEQU <&_label>
            @CatStr(<defs_str_>,%ds_glb_cntr) TEXTEQU <&str>
            .data
            _label db &str
            .code
            ds_glb_cntr = ds_glb_cntr + 1
        ENDIF
    endm
Gee! :U
I need some time to digest this one. :toothy
Thanks a lot! :bg
Quote from: Ficko on June 06, 2010, 09:39:08 PM
(Zeroing local variables taking into account how many GPR was pushed)
The MasmBasic equivalent. In contrast to RtlZeroMemory, no regs are trashed here; think of fastcall...
    include \masm32\include\masm32rt.inc
    .code
    start:
        call MySub
        exit
    MySub Proc
        LOCAL Var01 :DWORD
        LOCAL Var02[10h]:BYTE
        call ClearLocVars       ; first instruction after the LOCALs
        push esi                ; save regs by hand, not via "uses"
        push edi
        xor ebx, ebx
        pop edi
        pop esi
        ret
    MySub endp
    ClearLocVars proc ; put "call ClearLocVars" as first instruction after LOCALs - eax unchanged on exit
        push eax                ; do not use with "uses esi" etc. - push them manually behind the call!
        lea eax, [esp+8]        ; skip pushed eax and return address: eax -> lowest local
        mov esp, ebp            ; base page of calling procedure
        align 4
    @@:
        push 0                  ; zero downwards from ebp-4 ...
        cmp esp, eax
        ja @B                   ; ... until the lowest local is reached
        sub esp, 8              ; back to the saved eax; 19 bytes with align 4
        pop eax
        ret
    ClearLocVars endp
    end start
A little correction:
    ZEROSUBVARS MACRO Subroutine:REQ
        mov ecx, ebp                          ; 2 bytes, takes the place of the xor
        lea eax, [esp+(($-Subroutine)-8)*4]   ; eax -> lowest local
        sub ecx, eax                          ; ecx = size of the locals
        invoke RtlZeroMemory,eax,ecx
    ENDM
That way "ZEROSUBVARS" can be put immediately as the first "command" after the "locals". :wink
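An added example, not code from this thread, showing the alternative to counting code bytes. Both ZEROSUBVARS above and ClearLocVars locate the local area through esp, and ZEROSUBVARS in particular bakes one exact prologue encoding into its `-8`: a frame larger than 128 bytes turns the 3-byte esp adjust into a 6-byte one, and the thread itself shows MASM and JWasm emitting prologues differently. Addressing the locals through ebp needs no such constant and does not care how many registers `uses` pushed. The block declares a DWORD sentinel as the last LOCAL and relies on MASM laying LOCALs out downward from ebp in declaration order, so the sentinel is the lowest address of the local area. It assumes the masm32 SDK under \masm32; the ZEROLOCALS name, the DirtyStack helper and the 0FEh fill pattern are constructed for the demo.

```masm
include \masm32\include\masm32rt.inc

; ZEROLOCALS: zero every LOCAL from the one named in 'lowest' up to ebp.
; Contract: the caller declares one extra LOCAL of type DWORD *last* and
; passes its name. MASM places LOCALs at decreasing addresses below ebp in
; declaration order, so that sentinel is the bottom of the local area.
; eax is left zero; ecx and edi are preserved; works with or without "uses".
ZEROLOCALS MACRO lowest:REQ
    push edi
    push ecx
    lea  edi, lowest          ;; lowest local address (ebp-relative)
    mov  ecx, ebp
    sub  ecx, edi             ;; size of the local area in bytes
    shr  ecx, 2               ;; in dwords (DWORD sentinel keeps it 4-aligned)
    xor  eax, eax
    cld
    rep  stosd
    pop  ecx
    pop  edi
ENDM

.code

; Leaves 0FEh all over the stack region the next callee will use for locals,
; standing in for whatever a previous call left behind
DirtyStack proc uses edi
LOCAL junk[64]:BYTE
    lea  edi, junk
    mov  ecx, SIZEOF junk
    mov  al, 0FEh
    cld
    rep  stosb
    ret
DirtyStack endp

; ORs every byte of the local area together and returns it in eax:
; 0 means the locals were fully cleared, anything else is leftover stack data
MySub proc uses esi edi ebx doZero:DWORD
LOCAL Var01 :DWORD
LOCAL Var02[10h]:BYTE
LOCAL LastLocal:DWORD       ; sentinel, declared last -> lowest address
    .if doZero
        ZEROLOCALS LastLocal
    .endif
    lea  esi, LastLocal
    mov  ecx, ebp
    sub  ecx, esi           ; byte count of the whole local area
    xor  eax, eax
@@: or   al, byte ptr [esi]
    inc  esi
    dec  ecx
    jnz  @B
    ret
MySub endp

start:
    invoke DirtyStack
    invoke MySub, 0         ; no clearing: returns the leftover pattern (0FEh)
    print str$(eax), " <- locals left as found on the stack", 13, 10
    invoke DirtyStack
    invoke MySub, 1         ; ZEROLOCALS ran: returns 0
    print str$(eax), " <- locals after ZEROLOCALS", 13, 10
    inkey
    exit
end start
```

The first call prints the junk value because MASM's prologue only reserves the local area, it never initialises it, so Var01 and Var02 start out holding whatever the previous call wrote there. The second call prints 0. Because ZEROLOCALS addresses the frame through ebp and a named sentinel, it keeps working when registers are added to `uses`, when the frame grows past 128 bytes, or when a different assembler emits a different prologue.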