flat assembler
Message board for the users of flat assembler.
Index
> Windows > Win API call |
Author |
|
macgub 20 Nov 2023, 17:07
I am not sure - but maybye try preserve esi? You may also see in debugger witch registers are changed after eax call ...
|
|||
20 Nov 2023, 17:07 |
|
Andy 20 Nov 2023, 19:00
It works if I save ESI before each call.
Code: use32 push ebp mov ebp, esp mov esi, [ebp + 8] continue: push esi push 8 add esi, 24 push esi add esi, 32 push esi push 0 push 2 push 0 mov eax, [esi - 56] call eax ; GetTimeFormatW(0, 2, 0, Result, Format, 8 ) pop esi push esi push 5 add esi, 24 push esi push 5 add esi, 16 push esi push 16 push 0 mov eax, [esi - 28] call eax ; CompareStringW(0, 16, Last, 5, Result, 5) pop esi cmp eax, 2 ; If Last = Result je skip ; Then skip update push esi add esi, 24 push esi add esi, 16 push esi mov eax, [esi - 24] call eax ; StrCpyW(Last, Result) pop esi push esi add esi, 24 push esi push 0 push 12 sub esi, 4 mov eax, [esi] push eax mov eax, [esi - 16] call eax ; SendMessageW(Ctrl, WM_SETTEXT, 0, Result) pop esi skip: push esi push 100 mov eax, [esi + 8] call eax ; Sleep(100) pop esi jmp continue mov esp, ebp pop ebp ret 4 I have just one more question. What happens with the data pushed on stack for each call? It's my job to clear the stack or the called function will clear the stack? |
|||
20 Nov 2023, 19:00 |
|
macgub 20 Nov 2023, 20:06
There is ret XX instruction - standard way to end of procedure. XX means number of bytes added to esp register. From my experience Windows restore stack after API calls. In case of your code - you can restore stack by ex. "ret 4" or manually by ex. "add esp,4".
|
|||
20 Nov 2023, 20:06 |
|
AsmGuru62 21 Nov 2023, 14:48
I always wonder why no one uses a debugger today.
Just load your code into debugger and set a breakpoint on an API call and AFTER an API call and watch the registers -- they turn RED when modified. Run it for a few loops -- two times would be probably enough -- and you will see the error of your ways. Do not step-to-step, just go: Run, Run, Run ... and watch the registers. |
|||
21 Nov 2023, 14:48 |
|
Furs 21 Nov 2023, 15:29
Andy wrote: I have just one more question. What happens with the data pushed on stack for each call? It's my job to clear the stack or the called function will clear the stack? For registers, eax, ecx and edx are "modified" by API calls (by contract), the rest should be saved, so you don't have to save ebx, esi, edi or ebp when calling. You do have to save them in the function itself if you implement a callback that's stdcall and called by Windows though. I mean you have to follow their ABI in this case. |
|||
21 Nov 2023, 15:29 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.