News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

The Address of the Next Instruction

Started by Citric, May 12, 2005, 05:19:00 AM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions

Citric

May 12, 2005, 05:19:00 AM
Hi All

Is it possible to move the address of the next into a variable ie
Code Select

    mov eax,"next instruction address"
    mov [spotToJumpBackToo],eax


Cheer Adam

Petroizki

#1
May 12, 2005, 05:26:40 AM
Maybe you could do something like?
Code Select
mov eax, OFFSET @F
@@:

roticv

#2
May 12, 2005, 06:43:28 AM
Code Select

call @F
@@:
pop eax ;eax = address of next instruction - 1
;next instruction

AeroASM

#3
May 12, 2005, 07:24:14 AM
Code Select

call @F
@@:
pop eax
add eax, offset NextInstruction - offset @B
NextInstruction:


Petroizki's way is simplest, quickest and smallest though.

Citric

#4
May 12, 2005, 07:34:54 AM
isnt there a register with the current instruction pointer?

Adam.

Citric

#5
May 12, 2005, 08:15:50 AM
Should "mov [istrPointer], eip + 4" work?

Adam

Petroizki

#6
May 12, 2005, 08:39:20 AM
You can't use eip register directly. You have to do some tricks to get it.

AeroASM

#7
May 12, 2005, 10:00:31 AM
JUst thought of another idea:

Code Select

int 3
jmp @F
dd 0
@@:


Then, make another app which debugs the first one and when it gets the int3, it uses GetThreadContext to get the eip, then stores it in the spare dd.

MichaelW

#8
May 12, 2005, 10:16:44 AM
Quote
Should "mov [istrPointer], eip + 4" work?

The programmer does not have direct access to the instruction pointer, so EIP is not a valid symbol.

These should work:

mov [istrPointer], $ + 10
mov eax, $ + 5

Where the number at the end is the length of the assembled instruction in bytes.
eschew obfuscation

Mark Jones

#9
May 12, 2005, 12:32:22 PM
This may be a dumb question... but there's no EIP macro?
"To deny our impulses... foolish; to revel in them, chaos." MCJ 2003.08

Farabi

#10
May 14, 2005, 03:47:50 AM
GetEIP proc
pop eax
push eax

ret

GetEip endp
Those who had universe knowledges can control the world by a micro processor.
http://www.wix.com/farabio/firstpage

"Etos siperi elegi"

BogdanOntanu

#11
May 14, 2005, 04:02:58 AM
Take care because this code:
Code Select

mov eax, OFFSET @F
@@:


Is calculated at compile time not at runtime.
Ambition is a lame excuse for the ones not brave enough to be lazy.
http://www.oby.ro

MazeGen

#12
May 17, 2005, 08:29:20 AM
Mark, what do you mean by "EPI macro"?

Bogdan, the offset is not relocated at run-time?

AeroASM

#13
May 17, 2005, 09:51:50 AM
EXEs generally do not have a relocation table, so they have to be loaded at the correct base otherwise they are screwed.

Randall Hyde

#14
May 17, 2005, 11:55:13 PM
Quote from: AeroASM on May 17, 2005, 09:51:50 AM
EXEs generally do not have a relocation table, so they have to be loaded at the correct base otherwise they are screwed.

Sure they do!  It's possible to strip the relocation entries (the .reloc section) from an EXE file, in which case what you claim would be true, but standard EXEs are certain relocatable.
Cheers,
Randy Hyde
Print
Go Up Pages1 2
User actions