Index
> Windows > Beginners Question..Goto page 1, 2, 3 Next |
| Author |
|
|
kohlrak
Essentially, numbers and pointers are passed, followed by a call instruction. The call instruction passes a pointer to what's after the call, so the ret can pop that location off the stack and jump to it... Lemme translate...
Code: invoke meow, 1, 2, 3 more code translates to: Code: push 3 push 2 push 1 call [meow] Where call can be replaced as: Code: push 3 push 2 push 1 push nextoffset jmp [meow] nextoffset: The ret, essentually (although, just like call, it's not a macro) does this: Code: pop ebx jmp ebx to return back to the procedure. |
|||
04 Dec 2009, 01:17 |
|
|
Jmac
Thanks for the quick reply....
Yeah I understood about the pushing.......just was not clear on what it was that was actually being pushed.... So basically its either a number or a pointer that gets pushed.... |
|||
|
04 Dec 2009, 01:34 |
|
|
kohlrak
Essentially yes, because you can only ever actually push small things. You could never push a whole structure (wouldn't that be a headache?), so you are instead pushing the pointer to that structure. Pointers are dealt with alot in programming, they're just painful in HLLs (but not in assembly, thank god).
|
|||
|
04 Dec 2009, 01:46 |
|
|
Jmac
great....thats helps...
Thank you |
|||
|
04 Dec 2009, 01:48 |
|
|
kohlrak
Also, be sure to learn what is a pointer and what is a structure when messing with the winAPI. Often, handles and things tend to be sent to you as pointers, so you can pass them directly again (rather than passing a pointer to wherever you stored it), but if you create them yourself, they tend to be structures that you pass the pointer to.
|
|||
|
04 Dec 2009, 01:52 |
|
|
bitshifter
To see whats happening inside the stack during a procedure...
http://board.flatassembler.net/topic.php?p=92372#92372 |
|||
|
04 Dec 2009, 03:43 |
|
|
Jmac
Hi all..
If its ok with the forum I will continue to ask my beginner questions on this thread... I understand the idea of the flow of a program but not sure about situation like this... .wmcommand: jne .iconerror_ok or [flags],MB_ICONERROR .iconerror_ok: push ID_ICONINFORMATION This is just a snipper if one of the examples....But does the program just contiue if no jmp or such gets in the way..the last operation inbetween is an "or", so then it just continues on to the next....? |
|||
|
04 Dec 2009, 08:40 |
|
|
kohlrak
Pretty much...
|
|||
|
04 Dec 2009, 08:45 |
|
|
Jmac
Hi
Great....thats what I was assuming.....just was not sure given the lable ...I though maybe you could only jump to it.... thanks for the Help. |
|||
|
04 Dec 2009, 08:52 |
|
|
vid
hint: download OllyDbg debugger, and learn how to step through your code instruction-by-instruction. That way you will see what is happening all the time.
|
|||
|
04 Dec 2009, 10:17 |
|
|
Jmac
Hi...
I remember seeing something about that in my searches....will take a look, thanks for the suggestion. John |
|||
|
04 Dec 2009, 12:26 |
|
|
Borsuc
I second OllyDbg, it's an awesome program. Very handy if you are beginner.
|
|||
|
04 Dec 2009, 16:08 |
|
|
Jmac
Hi all..
I am trying out that impressive program....OllyObg My question is....how do numbers get changed from what is typed in.. example from one of the FASM examples.. push 0 push DialogProc push HWND_DESKTOP push 37 push eax call DialogBoxParam Thats what is in the example...but using an invoke but when looking at it using OllyD.....the 37 becomes 25.....how/why does this occur. |
|||
|
06 Dec 2009, 01:33 |
|
|
windwakr
37 in decimal = 25 in hex. You input the number in base 10(decimal), but fasm converts it to base 16(hex)
If you put an "h" at the end of a number in FASM(or a "0x" before it), then FASM will directly interpret that as a hex number. |
|||
|
06 Dec 2009, 01:46 |
|
|
Jmac
Hi all...
Ahhh ok...did not think of that.... I assumed it put a "h" or something to till the difference... Ok that makes some sense..... Thanks for the very quick reply... |
|||
|
06 Dec 2009, 01:48 |
|
|
Jmac
Hi all...
now I have more time to do some learning....my process of learning is to use an example an pull it apart..and work it back together step by step.. I was doing this on the example Dialog.asm thats provided with FASM. First question is...if the broken down example can be compiled and run on a windows 95 computer........but will only compile but not run on an XP.....it seems to run..just wont display the dialog frame... pretty much the only things removed were buttons and the code reacting to some event.... Only the window clsing "X" fuction was left in.. so I am a little stumped...works on 95..not on XP...but is basically the same program... |
|||
|
23 Dec 2009, 02:29 |
|
|
revolution
Without code to see it is very difficult to know what you have done.
|
|||
|
23 Dec 2009, 02:33 |
|
|
Jmac
Hi..
yes very true..... Last edited by Jmac on 23 Dec 2009, 10:07; edited 1 time in total |
|||
|
23 Dec 2009, 02:44 |
|
|
Jmac
hi...
Just discovered what was stopping the dialog frame from displaying on the XP if this is in the program ... section '.bss' readable writeable but there is nothing in it...just the heading...it was messing things up...even though I could not see any connection to this section from what I had left in the broken down program.. So, using a ";" and making it a comment...work the trick and up comes the dialog frame now..on the XP. |
|||
|
23 Dec 2009, 03:16 |
|
| Goto page 1, 2, 3 Next < Last Thread | Next Thread > |
Forum Rules:
|