ponter confusion (again!)

[dicky96]

Hi guys

Well i'm still learning windows asm programming the hard way..... start coding a project and everytime somethig is not working then debug it and then learn why it doesn't work.  It certainly seems the hard way to me.  :eek

I'm was calling inet_ntoa and it was returning some strange ip addresses.

Here is what I found at microsoft about this functions

char* FAR inet_ntoa(
  struct   in_addr in
);

Parameters
in
[in] Pointer to an in_addr structure that represents an Internet host address.


I see the function needs a pointer to a 4 byte IP address so I was calling it like this:


Program name is RadeTest

.data
myip dd 0xC0A80003   <-- this value has been initialised by my program - it is 192 168 0 3 in hex

.code
invoke inet_ntoa ADDR myip

This returns some strange IP address so when I debug the software (what on earth would I do without ollydbg??) I find my code has assembled as

PUSH RadeTest.004038D0
CALL <JMP.&ws2_32.inet_ntoa

Setting a breakpoint immediately after the CALL I can see that 4038D0 points to the start of the 4 bytes C0 A8 00 03

If I look at the value pointed at by EAX I see it points to the string 208.56.64.0  which is the address 004038D0 coverted to an IP address string!

So now I decide to modify my code like this:

.data
myip dd 0xC0A80003   <-- this value has been initialised by my program - it is 192 168 0 3 in hex

.code
invoke inet_ntoa myip


I can now see with ollydbg that this code assmebles to

PUSH DWORD PTR DS:{4038D0]
CALL <JMP.&ws2_32.inet_ntoa

Which does indeed (if I set a breakpoint after the call) leave EAX ponting to the string 192.168.0.3


Now this is really confusing me..... from the second example I'm sure that C0 A8 00 03 was pushed on the stack - in other words the IP address, and in the first one it seems 00 40 38 D0 was pushed onto the stack

So why does microsoft documents say the call needs the address of the data (a pointer to the data) when what it actually needs on the stack is the data itself??


Confused  :dazzled:

dicky

[hutch--]

dicky,

The rough distinction is between knowing WHERE a variable is (its address) and WHAT its value is.

When you know WHERE a variable is in memory, you store that information in another variable and call it a pointer.

You can get an address in a number of ways depending on WHERE the data is.

    lea eax, localvar      ; get the address of a variable
    mov othervar, eax   ; store it in another variable

    mov dwptr, OFFSET globalvar  ; get address of .DATA section vcariable

    call SomeFunction(args etc ...)  ; function that returns an address in EAX
    mov retval, eax

[gabor]

Hi!

Where did you read about passing the address? It was a messy help or tutorial for sure...
As you've already experienced inet_ntoa needs a 32bit number (IP address) and not a pointer to a number (4 byte struct)! This is what I found in my former C codes too...

Well, this case is solved, I'd say!

Greets, Gábor

[dicky96]

@hutch
I'm pretty sure I can understand the difference between a pointer and data - but are u saying when microsoft docs says a "pointer" I should load another variable with the address of my data, or is that just the same as calling the function with the address of the data  ie ADDR myvar


Also I am a little confused - why does invoke let me do this

inet_ntoa ADDR myvar

and also

inet_ntoa myvar

which is presumably same as

inet_ntoa [myvar]

shouldn't masm pick up one as a pointer and the other as the data value itself and give me some sort of error regards the type of parameter passed?  I thought that was the whole idea of using invoke - error checking.

@gabor - here is where I read that inet_ntoa needs a pointer to the IP rather than the IP

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winsock/winsock/inet_ntoa_2.asp

Is that a "dodgy" tutorial or did I stumble on an error in microsoft's documentation?

What I am most worried about is that this little experince just as I am learning to program windows has left me in doubt what should be passed to a function when microsoft say a "pointer" is needed.

PS Hutch - tomorrow I'll try your idea of LEA the address the data and storing it in another varialble and passing that to inet_ntoa to see what happens...

dicky

[MichaelW]

In the MSDN (and PSDK) documentation for inet_ntoa, in the description of the parameter "in": 

Pointer to an in_addr structure that represents an Internet host address.

The "Pointer to" is apparently an error. The prototype indicates that the parameter is the value of in, rather than the address of in:

Code Select Expand


char* FAR inet_ntoa(
  struct   in_addr in
);


I have notified Microsoft of the error.

[dicky96]

OK that settles it then, thanks

Just as an aside, a little about myself may explain why this error in the documentation had me confused...... the thing is I don't understand C very well at all, I can just about see that the prototype is showing the structure as a paramater and not a pointer!  I have written one fairly trivial application in C (about a year ago) just to get a feel for the language..... after some effort and advice I did get my app running ;)

Now you may be wondering why someone is programming windows in asm (just for fun really) when they can't program in C.  I would have to say "because it's the only way I understand"

The thing is I'm not a programmer, at least not in the sense I guess most of you guys are.  By trade I'm an electronics engineer.  Though I'm actually qualified to fix videos and TV.s In actual fact I worked for many years in the 80s and 90s repairing logic boards for a large computer manufacturer (this was in the pre-pc days)  At that time I learnt to use logic analyzers, then MICE (micro in ciruit emulator) which would allow you step through firmware running on a circuit board by dissasembling the code.   So I learnt machine code first - then assembler

In a later job I worked for a company who specialised in repairing industrial electronic boards (with no circuit diagrams) and often we had to track out and reverse engineer a board to get some sort of circuit diagram, then design and build a microprocessor controlled test rig to plug onto the board and make it do something in isolation from the equipment it would normally be attached too. We would have to write our own test firmware and blow it to rom as well - so I got a lot more expertise in assembler on various processors.

I no longer work in that field, and now I'm just learning assembler on the PC for the pleasure of it, but as you can see I come to programming from the "opposite direction" than most of you I guess.

I have no real problem with the assembly language itself, I struggle to understand how the OS works - the micro's I used to program had no OS of course - and in particular I find C based documentation baffling at times.  I've tried a few times to learn C and I have got so far with it, but find it "obscures" what is really going on in a way that asm does not.   C++ just seems to add a load of
"waffle" rather than getting on with the task that needs doing.

WinAPI I can kinda live with - MFC just baffles me because it seems to blur everything even further - how can anyone understand what that is doing...  it's beyond me.  Hope I didn't tread on anyones toes with these opinions.  Sorry for waffling on anyway - I'll try to stick OT in future...


dicky