flat assembler
Message board for the users of flat assembler.

Index > Compiler Internals > some bugs

>_<



Joined: 08 Apr 2015
Posts: 8
>_< 08 Apr 2015, 15:39
OK:
FORMAT PE GUI 6.0 on 'nul'
MajorSubSystemVersion 0x0006
MinorSubSystemVersion 0x0000

OK:
FORMAT PE GUI 6.01 on 'nul'
MajorSubSystemVersion 0x0006
MinorSubSystemVersion 0x0001

BUG:
FORMAT PE GUI 6.1 on 'nul'
MajorSubSystemVersion 0x0006
MinorSubSystemVersion 0x000A ??!


ImageBase x64:
example: vs set to 0x0000000140000000 / 0x0000000180000000 exe/dll

FORMAT PE64 GUI 6.0 DLL at 0x0000000100000000 on 'nul'

????
zzz.asm [100]:
mov qword[rax+8],xxxxxz
error: value out of range.



Resource:
directory RT_RCDATA,files

resource files,1,LANG_NEUTRAL,_test
resdata _test
file "res\test.dat"
endres

resource files,2,LANG_NEUTRAL,_test2
resdata _test2
file "res\test2.dat"
endres

????
error: symbol already defined.

already defined? this is same directory...
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20343
Location: In your JS exploiting you and your system
revolution 08 Apr 2015, 15:45
1. Version 6.10 is 0x6 + 0xa. Not a bug.

2. "mov qword[rax+8],1 shl 32" cannot be encoded in x86-64. Not a bug, it is a processor instruction set limitation. Use "mov reg,1 shl 32" first. Then "mov qword[rax+8],reg".

3. The resources must be defined as a single set. The exe format only supports one set of resources. Not a bug, it is just a misunderstanding of how the macros work.
>_<



Joined: 08 Apr 2015
Posts: 8
>_< 08 Apr 2015, 16:50
1 anyway user set 6.1 and expect 6.1 not 6.10 or 6.989898 xD

2 thx, forgot that.
mov rdx,xxxxxz
mov [rax+8],rdx

3 please example how to put 1 2 3.. files in the same RT_RCDATA dir
l_inc



Joined: 23 Oct 2009
Posts: 881
l_inc 08 Apr 2015, 17:06
>_<
1. That's questionable. There are multiple ways to define it:
a) 6.1 is the same as 6.01
b) 6.1 is the same as 6.10
The former way is by representing the version with two integers separated by a dot. The latter way is by representing the version with a fractional number. The documentation says it's "the minimum version of system that the executable is targeted to (specified in form of floating-point value)". So there's no justification for the user to expect it the other way around.

3. Is the manual unclear about it? See also the fasm.pdf coming together with the fasm package.

_________________
Faith is a superposition of knowledge and fallacy
>_<



Joined: 08 Apr 2015
Posts: 8
>_< 08 Apr 2015, 17:38
1 fractional number lol... ms link not sets 6.10 when /version:6.1 and ulink too = bug
3 hmm NOTHING
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 8354
Location: Kraków, Poland
Tomasz Grysztar 10 Apr 2015, 07:55
>_< wrote:
1 fractional number lol... ms link not sets 6.10 when /version:6.1 and ulink too = bug
The syntax of fasm does not necessarily follow the rules used by other tools, that's what l_inc meant when he pointed out that this behavior is correct according to how it is documented in fasm's manual, even if it may be non-standard (but there are many details of fasm's syntax that are very non-standard).

The interesting point here is what was the justification of the choice of floating-point interpretation of this setting. At the time when I made the initial PE output implementation, the executables that had a version 3.10 there were still the most common ones. This version (3 and 0Ah) was referring to the version of Windows that was commonly known as Windows 3.1 (but when you looked at the exact version it was something like 3.10.xxx). This led me to believe that at the time the version of Windows was in fact interpreted like a floating-point value, and thus I chose such syntax for fasm (so you could write "3.1" instead of "3.10"), with the minor version field being filled with a number of hundredths. Nowadays this remains simply as fasm's own backward compatibility, and perhaps the manual should openly recommend to always use the two-digit form for any non-zero minor version.
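The two readings of the version argument discussed above, checked against the header fields they end up in. This is an added example, not part of the thread and not fasm's own code: the function names are hypothetical, the floating-point model covers only one or two fractional digits as described in the post, and the PE header is a constructed buffer rather than a real executable.

```python
import struct

def fasm_style(version):
    """Floating-point reading from the thread: minor = number of hundredths."""
    major, _, frac = version.partition(".")
    if len(frac) > 2 or (frac and not frac.isdigit()):
        raise ValueError("model covers at most two fractional digits")
    return int(major), int(frac.ljust(2, "0"))

def dotted_style(version):
    """Two-integer reading (what the poster reports for other linkers)."""
    major, _, minor = version.partition(".")
    return int(major), int(minor or 0)

def read_subsystem_version(image):
    """Return (MajorSubsystemVersion, MinorSubsystemVersion) from a PE image."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    opt = e_lfanew + 4 + 20          # skip signature and COFF file header
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # Both optional header layouts keep these two fields at offset 48.
    return struct.unpack_from("<HH", image, opt + 48)

def constructed_header(major, minor, magic=0x20B):
    """Build a minimal, constructed header buffer (not a loadable file)."""
    buf = bytearray(0x40 + 4 + 20 + 52)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\0\0"
    opt = 0x40 + 24
    struct.pack_into("<H", buf, opt, magic)
    struct.pack_into("<HH", buf, opt + 48, major, minor)
    return bytes(buf)

def check(version, image):
    """Compare the header with both readings of the source version string."""
    found = read_subsystem_version(image)
    if found == dotted_style(version):
        return "matches dotted reading"
    if found == fasm_style(version):
        return "matches floating-point reading only"
    return "matches neither"
```

Writing the minor version with two digits ("6.01", "6.10") gives the same pair under both readings, which is why the two-digit form is the unambiguous one.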
>_<



Joined: 08 Apr 2015
Posts: 8
>_< 12 Apr 2015, 15:44
when i first time "fail" on that options - block run for winxp, but think block only win2k (that was a "fun release")
hmm win3.1.. lucky that i haven't seen her :D


finally...
directory RT_RCDATA,files

resource files,1,LANG_NEUTRAL,file1,2,LANG_NEUTRAL,file2
resdata file1
file "test1.dat"
endres

resdata file2
file "test2.dat"
endres
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.