Text only | Text with Images

The MASM Forum Archive 2004 to 2012

General Forums => The Workshop => Topic started by: zincboyreturns on January 20, 2005, 07:35:29 PM

Title: indirect access to memory (macro help)
Post by: zincboyreturns on January 20, 2005, 07:35:29 PM
i have written an asm editor that will assemble,link,dump and finally patch a target file with the original asms opcodes.(like icz's SnipCodeCreator although not as advanced patchwise)

to the point:-

i need some help with macros to assist in accessing the targets memory,heres how i do it now:

.const
Xpos equ 40DBECh
.code
mov eax,1
;-----------------------
;macro expanded
Push eax
mov eax,Xpos
pop [eax]
;---------------

however im searching for a method to use this that is smaller and/or faster. I suppose my primary interest in macros that are the most similar to the original command
i particually like the macros used in SNIPCC like:-

push TagetAddress          ; jmp to RVA
ret                       

more like this are most welcome and if any good will be include in the first release since i believe in giving the people everything and letting THEM decide if it's useful

                   THX in advance
Title: Re: indirect access to memory (macro help)
Post by: Ratch on January 20, 2005, 09:06:31 PM
zincboyreturns,

Code Select

.const
Xpos equ 40DBECh
.code
mov eax,1
;-----------------------
;macro expanded
Push eax
mov eax,Xpos
pop [eax]
;---------------


     Why not do this, and still retain the value in EAX?

Code Select

  MOV [CS:Xpos],EAX






Code Select


  push TagetAddress          ; jmp to RVA
  ret     


     Why not simply JMP TagetAddress and not involve the stack?  Ratch
Title: Re: indirect access to memory (macro help)
Post by: zincboyreturns on January 20, 2005, 09:30:23 PM
most of the problems that come up are to do with the fact that the assembler/link doesnt know the relative position of the targets rva so
'jmp 004BECh'

would result in the assembler giving an error cause it doesnt know how to create the opcode however

push 004BECh  ; RVA  - The assembler assumes it's pushing an int
ret                  ; return to first address on stack(it's pushed when a call is made)

WARNING - I AM NOOB MAYBE WRONG!!! - WARNING

I should have been clearer to you in my first post i want to access the targets memory from the generated source code(the snippet)
Title: Re: indirect access to memory (macro help)
Post by: Ratch on January 20, 2005, 11:10:58 PM
zincboyreturns,

     You are correct, I should have known better.  Try this, JMP MAIN+Xpos, where MAIN is the beginning of the code segment, from which I assume the offset is referenced.  Ratch
Title: Re: indirect access to memory (macro help)
Post by: zincboyreturns on January 26, 2005, 09:18:18 PM
JMP MAIN+Xpos;where MAIN is the beginning of the code segment, from which the offset is referenced.  Ratch

added to projpatch.mac (my patchers macro file)
thx

i'd love more like this, however wacky, since iv'e started studying others's macroI've learned loads about weird addressing methods
I think in our cosy little windows api world these ways of using the cpu can become like forgotten/unpractised trades if not retaught to noobs like me.... hehe..
Text only | Text with Images