call a (relative) virtual address

bozo · October 01, 2008, 09:59:08 PM

QuoteBtw. Is there a way to easily get the size of an instruction (maybe with the help of a tool or by following some guidelines, etc.)?

not that i'm aware of, but there are tiny LDE's (Length Disassembler Engine) you could use.

jj2007 · October 02, 2008, 12:56:01 PM

Quote from: n00b! on October 01, 2008, 11:41:56 AM
Btw. Is there a way to easily get the size of an instruction (maybe with the help of a tool or by following some guidelines, etc.)?

Code Select

include \masm32\include\masm32rt.inc

.code
AppName	db "Get the size of an opcode:", 0
start:

call @F
@@:	pop ecx   ; ecx contains EIP of pop instruction

mov edx, offset AppName

call @F   ; equivalent to mov EIP, offset @@
@@:	pop eax   ; eax contains EIP of pop instruction
sub eax, ecx
sub eax, 6
MsgBox 0, str$(eax), addr AppName, MB_OK

call @F
@@:	pop ecx   ; ecx contains EIP of pop instruction

lea edx, offset AppName

call @F   ; equivalent to mov EIP, offset @@
@@:	pop eax   ; eax contains EIP of pop instruction
sub eax, ecx
sub eax, 6
MsgBox 0, str$(eax), addr AppName, MB_OK

exit			; short form of invoke ExitProcess, 0

end start

FORTRANS · October 02, 2008, 01:34:12 PM

Quote
Btw. Is there a way to easily get the size of an instruction (maybe with the help of a tool or by following some guidelines, etc.)?

Why not assemble with a listing? Makes counting easy.

Code Select


      88 001F  8A E0			        MOV     AH,AL   ; save 
      89 0021  BB 0078 R		        MOV     BX,OFFSET DivRes 
      90 0024  D7			        XLAT

Steve

jj2007 · October 02, 2008, 03:18:50 PM

Quote from: FORTRANS on October 02, 2008, 01:34:12 PM
Why not assemble with a listing? Makes counting easy.

What? Counting with your FINGERS?? ::)

Code Select

include \masm32\include\masm32rt.inc

; CONSOLE assemble and link

opsize MACRO arg
ifndef OpSizeDD
	.data?
	OpSizeDD	dd ?
	.code
	echo dd defined
endif
ifb <arg>
	call @F
@@:	pop OpSizeDD   ; contains EIP of pop instruction
else
	call @F
@@:	push eax
	mov eax, [esp+4]
	sub eax, 11
	sub OpSizeDD, eax   ; contains EIP of pop instruction
	neg OpSizeDD
	pop eax
	add esp, 4
	pushad
	print chr$(13, 10, <arg>, 9)
	print str$(OpSizeDD)
	print chr$(" bytes")
	; invoke MessageBox, 0, str$(OpSizeDD), chr$(<arg>), MB_OK
	popad
endif
ENDM

.code
AppName	db "Get the size of a piece of code:", 0
start:

print offset AppName, 13, 10

opsize
	push eax
	pop eax
opsize "push & pop"

opsize
	pushad
	popad
opsize "pushad & popad"

opsize
	inc eax
opsize "inc eax    "

opsize
	add eax, 1
opsize "add eax, 1"

opsize
	mov eax, -1
opsize "mov eax, -1"

opsize
	or eax, -1
opsize "or eax, -1"

opsize
	mov eax, 0
opsize "mov eax, 0"

opsize
	and eax, 0
opsize "and eax, 0"

opsize
	mov edx, offset AppName
opsize "mov edx, offset AppName"

opsize
	lea edx, AppName
opsize "lea edx, AppName"

print chr$(13, 10,10)
inkey "Hit any key to get outta here"
exit

end start

jj2007 · October 02, 2008, 03:51:12 PM

For joyful playing, I attach the code. Usage:

opsize
   m2m ecx, 99
   .While !ZERO?
      dec ecx
   .Endw
opsize ".While not zero (fails miserably!)"

Some results:

Code Select

push eax        1 bytes
pop eax         1 bytes
pushad & popad (/2)     2 bytes
inc eax         1 bytes
add eax, 1      3 bytes
mov eax, -1     5 bytes
or eax, -1      3 bytes
mov eax, 0      5 bytes
and eax, 0      3 bytes
mov edx, offset AppName 5 bytes
lea edx, AppName        6 bytes
lea edx, [AppName+4*eax]        7 bytes
lea edx, [AppName+4*eax+8]      7 bytes
jmp @F          2 bytes
simple loop, version A  8 bytes
simple loop, version B  6 bytes
.While/.Endw    10 bytes
.While not sign 8 bytes
.While not zero (fails miserably!)      8 bytes
.Repeat/.Until zero?    6 bytes
.Repeat/.Until ecx==0   8 bytes
.Repeat/.Until sign     6 bytes

Apart from that, Steve is perfectly right that a listing does the job, too. The macro is easier to handle if you are trying to size-optimise a longer piece of code.

[attachment deleted by admin]

n00b! · October 02, 2008, 10:50:41 PM

Nice, many thanks for your replies! :U

But I thought of a extern tool (maybe using a lookup-table or something like that) instead of assembling or disassembling an assembly :red

BlackVortex · October 02, 2008, 11:21:09 PM

Quote from: n00b! on October 02, 2008, 10:50:41 PM
Nice, many thanks for your replies! :U

But I thought of a extern tool (maybe using a lookup-table or something like that) instead of assembling or disassembling an assembly :red

RadAsm has a codesize plugin, but you need to use "projects" for it to work, doesn't work with single asm files *sob*

It shows the size of each instruction at the side.

Some of the older members here, plz make a better alternative, I hate using "projects" lolz

jj2007 · October 02, 2008, 11:35:53 PM

The macro does the job, but attention, it actually executes the instructions, so make sure the code is correct.
It comes in two versions:

1. For one instruction: Start the string with a colon, :

opsize ":lea edx, [AppName+4*eax+ecx+8]"

2. For multiple instructions, start with a blank "opsize" and end with an explanatory text:

Code Select

opsize
	mov ecx, 99
@@:	dec ecx
	jne @B
opsize "loop: mov ecx, 99 - dec ecx - jne @B"

Code attached, sample output below.

Code Select

Bytes
0      .if 1 ... .endif
 5      .if eax ... nop ... .endif
 5      test eax, eax .. nop ... je @F
 2      .While 0 ... .Endw
 3      sub [esp], eax
 4      sub dword ptr [esp], 127
 7      sub dword ptr [esp], 128
 1      push eax
 1      pop eax
 1      pushad
 1      popad
 1      inc eax
 3      add eax, 1
 3      or eax, -1
 5      mov eax, -1
 3      and eax, 0
 5      mov eax, 0
 4      mov ax, 0
 2      mov al, 0
 3      add eax, 127
 4      add ax, 127
 2      add al, 0
 5      add eax, 128
 4      add ax, 128
 2      add al, 128
 5      mov edx, offset AppName
 6      lea edx, AppName
 7      lea edx, [AppName+4*eax]
 7      lea edx, [AppName+4*eax+8]
 7      lea edx, [AppName+4*eax+ecx+8]
 7      mov edx, dword ptr [AppName+4*eax+ecx+8]
 2      jmp @F
 8      loop: mov ecx, 99 - dec ecx - jne @B
 6      loop: m2m ecx, 99 - dec ecx - jne @B
 10     .While ecx - dec ecx - .Endw
 8      .While not sign
 8      .While 1 - dec ecx - ,break .if zero?, ecx=0
 8      .While 1 - dec ecx - ,break .if sign?, ecx=-1
 8      .While not zero (fails miserably)
 8      .Repeat/.Until ecx==0, ecx=0
 6      .Repeat/.Until zero?, ecx=0
 6      .Repeat/.Until sign?, ecx=-1

[attachment deleted by admin]

n00b! · October 03, 2008, 01:06:36 PM

Sure your code gets all the information I want, but it would be nice to not have to always reassemble the code.

FORTRANS · October 03, 2008, 01:44:08 PM

Quote from: n00b! on October 03, 2008, 01:06:36 PM
Sure your code gets all the information I want, but it would be nice to not have to always reassemble the code.

Well, get yourself an opcode list for finding out about single
instructions. The Intel and AMD references will have that. Or
use a debugger to disassemble a block of code. If it's your code,
a listing still sounds good to me.

Ducks,

Steve N.

jj2007 · October 03, 2008, 02:03:25 PM

Quote from: FORTRANS on October 03, 2008, 01:44:08 PM
Well, get yourself an opcode list for finding out about single
instructions. The Intel and AMD references will have that.

\masm32\help\opcodes.chm is a good start, too.

News:

call a (relative) virtual address