What is the syntax for this?

[baltoro]

I want to add a section to my executable. A .baltoro section,...
What is the official syntax for this? And, how do you set the size for this? Is there a terminating directive?
Thanks,...

[donkey]

Code Select Expand

.CODE [[Name]]

Example

Code Select Expand

.CODE baltoro

http://msdn.microsoft.com/en-us/library/8t163bt0%28v=VS.71%29.aspx

[dedndave]

that would be a no-read, no-write, no-execute section, right Edgar ?

[donkey]

that would be a no-read, no-write, no-execute section, right Edgar ?

Probably right Dave, guess I should have went downstairs and got my MASM manual.

[oex]

Langley are currently still working on a terminating directive

[jj2007]

Probably right Dave, guess I should have went downstairs and got my MASM manual.

Downstairs in D:\masm32\... I found something. Here is a snippet for demonstrating some cute differences:

Code Select Expand

include \masm32\include\masm32rt.inc

.fardata Ciao_Initialised
haha db "So this is funny", 0
mov eax, ecx
nops 100

.fardata? Ciao_Non_Initialised
haha2 dd 123
mov eax, ecx
nops 100

.data
haha3 dd 123

.code
start: MsgBox 0, str$(haha3), offset haha, MB_OK
exit

end start


A. Masm and Link create the segments Ciao_Ini and Ciao_Non. The exe shows a MsgBox with "123". No warning issued.

B. JWasm is more compatible and therefore (rightly so) complains bitterly that "Instructions and initialized data not supported in BSS segments". The exe shows a MsgBox with an empty string (You may see the "123" by moving the MsgBox one line further down :green2)

C. Polink dislikes these segment names and says f***off with an access violation:
00411AD2             ³.  8B45 EC                   ³mov eax, [local.5]
00411AD5             ³.  8B18                      ³mov ebx, [eax]

P.S.: The Masm reference says:

.FARDATA [ [name] ]
When used with .MODEL, starts a far data segment for initialized data
(segment name FAR_DATA or name).

.FARDATA? [ [name] ]
When used with .MODEL, starts a far data segment for uninitialized data
(segment name FAR_BSS or name).

[donkey]

Downstairs in D:\masm32\... I found something. Here is a snippet for demonstrating some cute differences:

Actually I have an original set of MASM manuals (along with a MASM license) hidden away in a box in the basement along with some older intel and amd manuals. Haven't blown the dust off them for quite some time though.

Edgar

[jj2007]

Actually I have an original set of MASM manuals (along with a MASM license) hidden away in a box in the basement along with some older intel and amd manuals. Haven't blown the dust off them for quite some time though.

The mere thought of dust makes me cough, and prevents me from digging in my basement, Edgar. I know there are some books from my engineering studies, occasionally useful, but I seem to be allergic against printed paper :(

[dedndave]

i thought, in order to use far segments, you have to use compact, medium, large, or huge model, as appropriate

[jj2007]

That sounds plausible, Dave, but the new segments are actually there. You can see them e.g. in PEview. And .data? name does not work...

[donkey]

Been quite a long time since I used MASM but don't you have to inform the linker ?

/SECTION:MySection,RWES(etc...)

[donkey]

After playing with it for quite a while (I really don't use MASM often) I came up with this:

Add to link command line:

Code Select Expand

/SECTION:Edgar,RWE /MERGE:.text=Edgar /ENTRY:start

In the code:

Code Select Expand

.CODE Edgar
start:

invoke GetModuleHandle,NULL
mov [hInstance],eax
invoke SomeProc,1
invoke ExitProcess,0


SomeProc PROC lParam:DWORD

; just checking
ret

SomeProc endp

end start

Seems to work but I haven't really tested it thoroughly.

PEBrowsePro shows that there is no longer a .text section, only an executable section called Edgar and OllyDbg shows the entry point at the right place and it executes OK.

Edgar

[Synfire]

I don't have masm handy, but shouldn't you be able to use:

Code Select Expand

.386
.Model Flat

puts PROTO C :dword
exit PROTO C :dword

WordList SEGMENT READONLY PAGE PUBLIC FLAT
S1 DB "One", 0
S2 DB "Two", 0
S3 DB "Three", 0
S4 DB "Four", 0
S5 DB "Five", 0

WordTable:
DWORD OFFSET S1
DWORD OFFSET S2
DWORD OFFSET S3
DWORD OFFSET S4
DWORD OFFSET S5
WordList ENDS

.CODE
_start: xor ecx, ecx
@@: push ecx
invoke puts, WordTable[ecx * SIZEOF(DWORD)]
pop ecx
inc ecx
cmp ecx, 5
jne @B
invoke exit, 0

End _start

I built and ran this code under Linux with JWASM, here is the complete output.

Code Select Expand

[bkeller@b0x Test]$ jwasm -elf -zcw -Fo=segsample.o segsample.asm
JWasm v2.04c, Jan 12 2011, Masm-compatible assembler.
Portions Copyright (c) 1992-2002 Sybase, Inc. All Rights Reserved.
Source code is available under the Sybase Open Watcom Public License.

segsample.asm: 32 lines, 2 passes, 0 ms, 0 warnings, 0 errors
[bkeller@b0x Test]$ gcc -nostartfiles -o segsample segsample.o
[bkeller@b0x Test]$ ./segsample
One
Two
Three
Four
Five
[bkeller@b0x Test]$ readelf -S segsample
There are 17 section headers, starting at offset 0x478:

Section Headers:
 [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
 [ 0]                   NULL            00000000 000000 000000 00      0   0  0
 [ 1] .interp           PROGBITS        080480f4 0000f4 000013 00   A  0   0  1
 [ 2] .note.gnu.build-i NOTE            08048108 000108 000024 00   A  0   0  4
 [ 3] .gnu.hash         GNU_HASH        0804812c 00012c 000018 04   A  4   0  4
 [ 4] .dynsym           DYNSYM          08048144 000144 000030 10   A  5   1  4
 [ 5] .dynstr           STRTAB          08048174 000174 00001f 00   A  0   0  1
 [ 6] .gnu.version      VERSYM          08048194 000194 000006 02   A  4   0  2
 [ 7] .gnu.version_r    VERNEED         0804819c 00019c 000020 00   A  5   1  4
 [ 8] .rel.plt          REL             080481bc 0001bc 000010 08   A  4   9  4
 [ 9] .plt              PROGBITS        080481cc 0001cc 000030 04  AX  0   0  4
 [10] .text             PROGBITS        080481fc 0001fc 000022 00  AX  0   0  4
 [11] WordList          PROGBITS        08048300 000300 00002c 00   A  0   0 256
 [12] .dynamic          DYNAMIC         0804932c 00032c 0000a0 08  WA  5   0  4
 [13] .got.plt          PROGBITS        080493cc 0003cc 000014 04  WA  0   0  4
 [14] .shstrtab         STRTAB          00000000 0003e0 000096 00      0   0  1
 [15] .symtab           SYMTAB          00000000 000720 0001d0 10     16  23  4
 [16] .strtab           STRTAB          00000000 0008f0 000086 00      0   0  1
Key to Flags:
 W (write), A (alloc), X (execute), M (merge), S (strings)
 I (info), L (link order), G (group), x (unknown)
 O (extra OS processing required) o (OS specific), p (processor specific)
[bkeller@b0x Test]$

[japheth]

i thought, in order to use far segments, you have to use compact, medium, large, or huge model, as appropriate

.FARDATA or .FARDATA? means that those segments are NOT included in DGROUP. In segmented memory models, DGROUP is/was the one physical segment to which segment register DS (and SS) were "automatically" pointing. In the FLAT memory model, DGROUP is useless, and hence .FARDATA becomes a quite normal data segment.

[baltoro]

that would be a no-read, no-write, no-execute section, right Edgar ?

...yeah,...Actually, maybe a no-read, no-write, no-execute, no-booger section,...
I'll have to play around with it,...I think EDGAR's got it,...though. I don't know if it's really that useful for ordinary intents.

.FARDATA or .FARDATA? means that those segments are NOT included in DGROUP. In segmented memory models, DGROUP is/was the one physical segment to which segment register DS (and SS) were "automatically" pointing. In the FLAT memory model, DGROUP is useless, and hence .FARDATA becomes a quite normal data segment.

...that is interesting,...

Langley are currently still working on a terminating directive

...FUNNY,...
Anyway, thanks for the intel,...