flat assembler
Message board for the users of flat assembler.

Thread: Is it possible to change assembling point? / Patching macros (page 1 of 2)
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Sometimes it could be very useful to change the current assembling point.
Is there a way?
For example, it would allow patching programs like this:
Code:
format binary as 'exe'

file 'program.exe'

assemble at 400h ; .text section start

org 401000h

assemble at 1688h ; Patching old drawing routine

  jmp new_drawing_routine
  nop
after_drawing_routine:

assemble at 3840h ; Unused free space

new_drawing_routine:
  ; (old code, overwritten by jmp)
  ; (new code)
  jmp after_drawing_routine
Edit: subject edited


Last edited by Grom PE on 26 Jul 2008, 12:05; edited 2 times in total
Post 17 May 2008, 07:22
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Use 'org' for that. Or if you mean to patch an existing file then use 'store'.
Post 17 May 2008, 13:19
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Using "store" won't be any more convenient than a plain byte patch.
Or is it possible to use it in a macro to achieve syntax similar to my example?
Post 17 May 2008, 13:36
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Have a look at the fasmarm sources. There are some macros used to do this type of patching, with normal assembly used to get the patch bytes.
Post 17 May 2008, 13:44
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Thanks, but there's a problem with "store" anyway: if I move assembled code to the wanted address, it still is not deleted from the original place.
So there's a side effect of increasing the patched executable's size with garbage, or, in the best case, with zero bytes.
Post 17 May 2008, 13:51
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Use virtual to make the patch bytes, then capture with load, close the virtual and patch whatever you need. Zero bytes added to the file.
Post 17 May 2008, 14:37
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
How can I make it work when "load" can only define 8-byte constants at most, and I want to have patching sequences of arbitrary size?

Maybe it's easier to modify the fasm source code to allow changing the assembling point?
Post 17 May 2008, 15:13
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
You could use multiple load/store sequences etc. but it is messy. I think you might want to use a proper patching program. fasm is not really designed to efficiently do what you want.
Post 17 May 2008, 15:58
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
No, no, fasm is just one step from becoming the best patching program.
While I think about how it can be done with load/store, tell me what I should change in the fasm source code. At least, where can I see the current assembling point?
Post 18 May 2008, 13:30
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Grom PE wrote:
No, no, fasm is just one step from becoming best patching program.
Okay
Grom PE wrote:
While I think how it can be done in load/store, ...
If you haven't seen it above the link to fasmarm will show one method of patching that uses load/store sequences.
Grom PE wrote:
... tell me, what should I change in fasm source code. At least where can I see current assembling point.
It is not clear what you want to change; can you be more specific about what you want/need to achieve?
Post 18 May 2008, 14:13
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
revolution wrote:
If you haven't seen it above the link to fasmarm will show one method of patching that uses load/store sequences.
Yes, I looked at it. I'm thinking about arbitrary size sequences and clear syntax for usage.
revolution wrote:
It is not clear what you want to change, can you be more specific about what you want/need to achieve.
Just what is mentioned in the first topic - achieve syntax similar to my example.


Last edited by Grom PE on 18 May 2008, 15:35; edited 1 time in total
Post 18 May 2008, 15:27
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Grom PE wrote:
Just what is mentioned in the first topic - achieve syntax similar to my example.
Oh, well in that case I think your best bet might be to alter the workings of 'org'. But what you propose would seem to only make sense for binary format. You also will need to keep track of the end of file position so that fasm won't cut the file short when producing the output.
Post 18 May 2008, 15:34
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Maybe... As a starting point, I need to find where this "current offset" value is. Can you show me?
Post 18 May 2008, 15:38
bitRAKE (Joined: 21 Jul 2003, Posts: 2796, Location: dank orb)
I wonder if there is a way to alter the END VIRTUAL directive so that, instead of discarding the generated data, it stores it at another offset or gives it a symbolic name. Would be nice, imho.
Post 18 May 2008, 16:06
Tomasz Grysztar (Assembly Artist; Joined: 16 Jun 2003, Posts: 7489, Location: Kraków, Poland)
I'm thinking about some new feature that would allow such things, and things like code compression etc. as well. I already have an interesting idea; I will let you know when I have something ready for testing.
Post 18 May 2008, 20:59
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Tomasz, I'm eagerly waiting for such a feature.


I wrote some macros with limited patching functionality:

- Doesn't allow patching backwards
- Doesn't allow "org" directive between "patchat" macros

Tips on how these could be solved are very welcome.

Code:
; Patching macros
; v0.50
; for flat assembler by Grom PE

; Plan:
; 1. Specify file name and size with "patchfile"
; 2. On every "patchat", load and add part of the file
;    (or zeroes if the file is finished) to move to the specified offset.
; 3. On "patchend", if there is part of the file left, add it.

; p_filesize - size of the file being patched
; p_start    - output offset ($-$$) when the last patchfile/patchat was
;              processed; used to measure how many bytes were assembled since
; p_pointer  - offset in the original file up to which its bytes have been
;              either copied to the output or overwritten by patch bytes

macro patchfile name
{
  virtual                    ; measure the file size without emitting it
    @@:
    file name
    p_filesize = $ - @b
  end virtual
  p_start = ($-$$)
  p_pointer = 0
  p_filename equ name
}

macro patchat address
{
  p_pointer = p_pointer - p_start + ($-$$) ; skip the bytes the previous patch overwrote
  p_toadd = address - ($-$$)               ; original bytes to copy before this patch

  if address >= 0
    if p_toadd >= 0
      if p_pointer + p_toadd <= p_filesize
        file p_filename: p_pointer, p_toadd
      else
        p_addpart = 0
        if p_pointer < p_filesize
          p_addpart = p_filesize - p_pointer
          file p_filename: p_pointer, p_addpart
        end if
        rb p_toadd - p_addpart             ; pad past the end of the original file
      end if
    else
      "Error: can't move backwards."       ; a bare string is not a valid statement, so assembly fails and reports this line
    end if
  else
    "Error: invalid address, must be >= 0."
  end if

  p_start = ($-$$)
  p_pointer = p_pointer + p_toadd
}

macro patchend
{
  p_pointer = p_pointer - p_start + ($-$$)
  p_toadd = p_filesize - ($-$$)            ; rest of the original after the last patch

  if p_toadd >= 0
    if p_pointer + p_toadd <= p_filesize
      file p_filename: p_pointer, p_toadd
    else
      p_addpart = 0
      if p_pointer < p_filesize
        p_addpart = p_filesize - p_pointer
        file p_filename: p_pointer, p_addpart
      end if
      db p_toadd - p_addpart dup 0         ; emitted, not reserved, so the output is not cut short
    end if
  end if
}


Abstract usage example:

Code:
format binary as 'exe'

use32

include 'patching.inc'

patchfile 'program.exe'

patchat 1688h ; Patching old drawing routine

  jmp new_drawing_routine
  nop
after_drawing_routine:

patchat 3840h ; Unused free space (2 kb)

new_drawing_routine:
  ; (old code, overwritten by jmp)
  ; (new code)
  jmp after_drawing_routine

patchend


A real example would be MoonEdit.
Post 04 Jun 2008, 16:59
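As an added example that is not part of this thread and not Grom PE's macros: a Python model of what patchfile / patchat / patchend do (copy the original up to each patch offset, emit the patch bytes, zero-fill when the offset lies past the end of the file, refuse to move backwards, append the remainder at patchend), applied to the scenario of the first post. The sample executable is a constructed byte pattern; the patch addresses are file offsets, as in the post; the mapping of file offset 400h to virtual address 401000h is the assumption the first post's "assemble at 400h" / "org 401000h" pair implies; and jmp_rel32 is a helper I added so the hook and the jump back can be checked after patching.

```python
import struct

# Constructed sample "executable": 0x4000 bytes of a repeating pattern, so that
# copied regions and patched regions can be told apart in the result.
ORIGINAL = bytes((i * 7) & 0xFF for i in range(0x4000))

# Assumed layout taken from the first post: the .text section starts at file
# offset 400h and is mapped at virtual address 401000h.
TEXT_FILE_OFFSET = 0x400
TEXT_VA = 0x401000


def va_to_file_offset(va: int) -> int:
    """Map a virtual address inside .text to the file offset a patch writes to."""
    return va - TEXT_VA + TEXT_FILE_OFFSET


def file_offset_to_va(off: int) -> int:
    """Inverse mapping: file offset inside .text to virtual address."""
    return off - TEXT_FILE_OFFSET + TEXT_VA


def jmp_rel32(from_va: int, to_va: int) -> bytes:
    """Encode 'jmp rel32' (E9 xx xx xx xx); the displacement is relative to the
    address of the *next* instruction, i.e. from_va + 5."""
    return b"\xE9" + struct.pack("<i", to_va - (from_va + 5))


def apply_patches(original: bytes, patches: list[tuple[int, bytes]]) -> bytes:
    """Model of patchfile / patchat / patchend.

    patches is a list of (file_offset, bytes) in the order they are written.
    The macros' rules are enforced: offsets must be >= 0, each patch must start
    at or after the end of the previous one ("can't move backwards"), and a
    patch placed past the end of the original file gets a zero-filled gap.
    """
    out = bytearray()
    pointer = 0                        # p_pointer: original bytes consumed so far
    for address, data in patches:
        if address < 0:
            raise ValueError("invalid address, must be >= 0")
        to_add = address - len(out)    # p_toadd: original bytes to copy first
        if to_add < 0:
            raise ValueError("can't move backwards")
        chunk = original[pointer:pointer + to_add]
        out += chunk + bytes(to_add - len(chunk))   # zero-pad past EOF, like 'rb'
        out += data
        pointer += to_add + len(data)  # the patch overwrote these original bytes
    out += original[pointer:]          # patchend: append whatever is left
    return bytes(out)


def build_example_patch() -> bytes:
    """The first post's scenario: hook the routine at file offset 1688h with a
    jmp + nop and place the displaced bytes plus a jump back at 3840h."""
    hook_off, free_off = 0x1688, 0x3840
    hook_va, free_va = file_offset_to_va(hook_off), file_offset_to_va(free_off)

    hook = jmp_rel32(hook_va, free_va) + b"\x90"      # 6 bytes, as in the post
    after_va = hook_va + len(hook)                    # after_drawing_routine

    # new_drawing_routine: the displaced original bytes, (new code would go
    # here), then a jump back to the instruction after the hook.
    displaced = ORIGINAL[hook_off:hook_off + len(hook)]
    new_routine = displaced + jmp_rel32(free_va + len(displaced), after_va)

    return apply_patches(ORIGINAL, [(hook_off, hook), (free_off, new_routine)])


if __name__ == "__main__":
    patched = build_example_patch()
    print("hook bytes:", patched[0x1688:0x168E].hex())
    print("size unchanged:", len(patched) == len(ORIGINAL))
```

The length check at the end is the property the macros' zero padding and the patchend append exist to guarantee: the output is the original file with only the patched ranges changed, not a file with patch bytes appended. Copying the displaced bytes verbatim is only correct when they contain no relative branches or position-dependent operands; that is the part a real patch has to check by hand.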
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
I tried several times, but had no success in removing this limit:
Quote:
- Doesn't allow "org" directive between "patchat" macros
Can anyone help?
How can I use "org" for some block and then set it to another value so anything below will work as if no "org" was there?

Or how can I modify patching macros so they don't rely on "org" setting?
Post 22 Jul 2008, 12:54
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
I think you are trying to push an assembler into a task it is not designed or suited for. Going outside of the current section and "patching" another section (or sections) would need a lot of changes to the fasm core. I suggest that a proper patching program (maybe with a nice GUI) would be a good project to work on.
Post 22 Jul 2008, 16:28
Grom PE (Joined: 13 Mar 2008, Posts: 114, Location: i@grompe.org.ru)
Hm? Why would I need to go outside of the current section?

Fasm is the best choice for my task because of the following reasons:
- Open source patch
- Adding code to patch and then testing is quick and easy
- No additional steps between writing code and patching
Remember, I'm not patching a couple of bytes, but adding functionality.
Post 22 Jul 2008, 17:23
revolution (When all else fails, read the source; Joined: 24 Aug 2004, Posts: 16890, Location: In your JS exploiting you and your system)
Grom PE wrote:
Hm? Why would I need to go outside of the current section?
Org starts a new section, with a new base and offset.
Post 22 Jul 2008, 18:06
Copyright © 1999-2019, Tomasz Grysztar.