News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Sense of sign $ for compiler

Started by bomz, December 18, 2011, 10:32:00 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

bomz

December 18, 2011, 10:32:00 AM
Quote.386

.model flat, stdcall
option casemap :none

include \MASM32\INCLUDE\windows.inc
include \MASM32\INCLUDE\user32.inc
include \MASM32\INCLUDE\kernel32.inc
includelib \MASM32\LIB\user32.lib
includelib \MASM32\LIB\kernel32.lib

.data
form db "EAX: %u", 0

.data?
buffer db 512 dup(?)

.code
start:
mov eax, $;mov eax, eip
mov eax, start
mov eax, finish;lea eax, finish
invoke wsprintf,ADDR buffer,ADDR form,eax
invoke MessageBox,0,ADDR buffer,0,MB_ICONASTERISK
invoke ExitProcess,0
finish   equ $;finish:
end start
How compiler $ use?

clive

#1
December 18, 2011, 03:31:25 PM
Quote from: bomz on December 18, 2011, 10:32:00 AM
How compiler $ use?

It's technically not EIP, but rather an immediate load of a constant that the assembler places their based on it's own internal value for the current instructions origin. Depending on the segmentation and how the code was called this could be something other than EIP, or for example if you copied the bytes to some arbitrary location.

To get a closer representation of EIP, use something like CALL $+5, POP EAX
It could be a random act of randomness. Those happen a lot as well.

bomz

#2
December 18, 2011, 03:39:45 PM
QuoteCALL $+5
POP EAX

dedndave

#3
December 18, 2011, 03:57:27 PM
Code Select
mov eax, $

the original code should work...
so long as you don't overwrite the register   :P

Code Select
mov eax, $      ;mov eax, eip - we are good, here
mov eax, start  ;oops - let's overwrite the value
mov eax, finish ;lea eax, finish - oops - let's overwrite the value again

bomz

#4
December 18, 2011, 04:01:43 PM
I add this string to code one after another and see result. then move all to archive

clive

#6
December 18, 2011, 05:24:54 PM
Quote from: dedndavethe original code should work...

Indeed, but my point is that it is not position independent. ie a compile/assemble time constant, not a run time value.

The $ operator works well for computing self-relative offsets, and lengths of code/data structures.

In other architectures the program counter, 68K PC, or ARM R15 is more explicitly exposed and usable for effective address computation, jump tables, etc. This also enables constant data, "literals", to be embedded in the code section (readonly / rom-able), and for code to be address agnostic, requiring neither link or load time relocation.
It could be a random act of randomness. Those happen a lot as well.

bomz

#7
December 18, 2011, 05:46:52 PM Last Edit: December 19, 2011, 08:11:45 AM by bomz
I love tricks

Quote.386

.model flat, stdcall
option casemap :none

include \MASM32\INCLUDE\windows.inc
include \MASM32\INCLUDE\user32.inc
include \MASM32\INCLUDE\kernel32.inc
includelib \MASM32\LIB\user32.lib
includelib \MASM32\LIB\kernel32.lib

.data
mestitle db "BINARY",0

.data?
buffer db 33 dup(?)

.code
start:
   mov ebx, 10000000000000000000000000000001b
   lea edi, buffer
   mov ecx, 31
@@:
   xor eax, eax
   bt ebx, ecx
   adc al,30h
   mov byte ptr[edi], al
   add edi, 1
   sub ecx, 1
   jnc @B
   invoke MessageBox,0,ADDR buffer,ADDR mestitle,MB_ICONASTERISK
   invoke ExitProcess,0
end start
for ex ADC here

dedndave

#8
December 18, 2011, 06:32:51 PM
that is a good trick   :P
but - a look-up table is very fast for this function   :U
Print
Go Up Pages1
User actions