flat assembler
Message board for the users of flat assembler.

mov BX to EAX ~ the newbiest question

Teehee



Joined: 05 Aug 2009
Posts: 570
Location: Brazil
Teehee 01 Jan 2010, 13:11
I feel like an asm-pro now *_*
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 18954
Location: In your JS exploiting you and your system
revolution 01 Jan 2010, 13:13
Teehee wrote:
I feel like an asm-pro now *_*
Cool
Teehee 01 Jan 2010, 13:30
Do not let that go to your head Smile

Just one more question. Is there any difference if I do the cast on the 'dest.' operand or on the 'source' operand? e.g.:
Code:
mov dword [esp+0*4], sizeof.INITCOMMONCONTROLSEX
mov dword [esp+1*4], ICC_BAR_CLASSES+ICC_COOL_CLASSES 
; -- or --
mov [esp+0*4], dword sizeof.INITCOMMONCONTROLSEX
mov [esp+1*4], dword ICC_BAR_CLASSES+ICC_COOL_CLASSES     
revolution 01 Jan 2010, 13:35
This is the usual way:
Code:
mov dword [esp+0*4], sizeof.INITCOMMONCONTROLSEX
mov dword [esp+1*4], ICC_BAR_CLASSES+ICC_COOL_CLASSES      
revolution 01 Jan 2010, 13:35
But try to use symbolic constants instead of magic number constants. Wink
Teehee 01 Jan 2010, 13:46
So there is no difference.

What are symbolic constants and magic number constants?
revolution 01 Jan 2010, 13:54
Code:
mov eax,[ebx+NMHDR.code]
mov eax,[ebx+8]    
Which line is easier to understand?
Teehee 01 Jan 2010, 13:58
The first one. Is it possible to do that? *.*
Teehee 01 Jan 2010, 14:01
revolution wrote:

Teehee: You can access esp directly like that but beware when you want to push an esp based parameter that is not the last:
Code:
invoke SomeFunction,[esp],eax,... ;<--- dangerous, esp parameter is not last
invoke SomeFunction,ebx,eax,[esp] ;<--- okay because esp is the last parameter    
It can be done but you have to adjust the esp offset by +4 for each parameter that comes after the [esp] parameter.


Do you mean:
SomeFunction,[esp+4],eax ?

_________________
Sorry if bad english.
revolution 01 Jan 2010, 14:05
Teehee wrote:
You mean:
SomeFunction,[esp+4],eax ?
It depends upon how many parameters are listed after the [esp] and also upon which original offset you are using.

e.g.
Code:
invoke SomeThing,[esp+12],[esp+8],[esp+4],[esp] ;All push the same value
invoke SomeThing,[esp],[esp],[esp],[esp] ;All push the same value also!
invoke SomeThing,[esp+24],[esp+16],[esp+8],[esp] ;pushing stack values in reverse order    
Teehee 01 Jan 2010, 14:09
I think I don't understand why they all push the same value and why the last one in reverse order. o.o'
revolution 01 Jan 2010, 14:14
esp changes after each push. That is why people use ebp, it doesn't change.
revolution 01 Jan 2010, 14:16
Code:
invoke SomeThing,[esp],[esp],[esp],[esp],eax    
is the same as:
Code:
invoke SomeThing,eax,eax,eax,eax,eax    
is the same as:
Code:
invoke SomeThing,[esp+12],[esp+8],[esp+4],[esp],eax    
sleepsleep



Joined: 05 Oct 2006
Posts: 11121
Location: ˛ Posts: 0010456
sleepsleep 01 Jan 2010, 15:17
Quote:

var1: 0000 address ; just example
7 value
var2: 00FF address
5 value
mov eax, [var1] ; mov value of var1 (7) to eax ; eax = 7 ?
mov ebx, [var2] ; mov value of var2 (5) to ebx ; ebx = 5 ?
cmp [ebx], eax ; cmp address (0005) with value of eax (7)?


you got it right for the first and second mov example.
the third one is wrong a bit.

after above 2 mov(s) instruction.
the third [ebx] means to access the value of linear address number 5.

so, now, the 0005 address could be anything. any figure.

u comment said, cmp (address) 0005 with value 7..
yeah it is correct.

but u also understand that 0005 is not defined and could be anything.
Teehee 01 Jan 2010, 15:37
hmmm...
Teehee 02 Jan 2010, 15:32
Revolution,
I tried this, but it doesn't work:
Code:
sub      esp, sizeof.RECT
invoke   SendMessage,[hToolBar],TB_GETRECT,[eax+NMTOOLBAR.iItem],esp
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,dword[esp+4],2  ; <- crashes my app

invoke   LoadMenu,[hInstance],LAB_MENU
mov      ebx, eax
invoke   GetSubMenu,eax,0
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
         [esp+RECT.left],[esp+RECT.bottom],[hMainWnd],NULL
invoke   DestroyMenu,ebx
add      esp, sizeof.RECT 

; dword[esp+4] <- crashes
; esp only     <- "works": but its a weird value    
revolution 02 Jan 2010, 15:43
You have to pass the address, not the value:
Code:
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,addr esp+4,2    
Also this needs changing:
Code:
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
         [esp+RECT.left+12],[esp+RECT.bottom+8],[hMainWnd],NULL     
So now you see why using esp directly is problematic?
Post 02 Jan 2010, 15:43
View user's profile Send private message Visit poster's website Reply with quote
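
Added example (not part of the thread, and not fasm's own macro code): a small Python model of the stack, assuming `invoke` pushes stdcall parameters right to left with each push lowering esp by 4. It reproduces revolution's `SomeThing` lines from 01 Jan and shows why the `+12`/`+8` offsets and `addr esp+4` are needed here; the addresses, dword values and handle numbers are constructed.

```python
# Constructed model, not fasm's macro source: a 32-bit stack plus an
# `invoke` that pushes stdcall parameters right to left, as the thread describes.
E = 0x1000                      # constructed esp value on entry
RECT = {"left": 0, "top": 4, "right": 8, "bottom": 12}   # Win32 RECT field offsets

def invoke(frame, params):
    """Return the argument values the callee receives, in declared order.

    frame  -- dwords stored at [esp], [esp+4], ... before the call
    params -- ("mem", off) for [esp+off], ("addr", off) for `addr esp+off`,
              ("esp",) for a bare esp, or a plain int for an immediate/register
    """
    mem = {E + 4 * i: v for i, v in enumerate(frame)}
    esp, pushed = E, []
    for p in reversed(params):              # last parameter is pushed first
        if isinstance(p, int):
            value = p
        elif p[0] == "mem":
            value = mem[esp + p[1]]         # read uses esp as it is *now*
        elif p[0] == "addr":
            value = esp + p[1]              # lea reg,[esp+off] ; push reg
        else:
            value = esp                     # push esp stores the pre-push esp
        esp -= 4                            # every push moves esp down 4
        mem[esp] = value
        pushed.append(value)
    return pushed[::-1]

def m(off):
    return ("mem", off)

stack = [0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6]        # constructed dwords
same = invoke(stack, [m(12), m(8), m(4), m(0)])
reverse = invoke(stack, [m(24), m(16), m(8), m(0)])

rect = [10, 20, 110, 52]        # constructed left, top, right, bottom
HMENU, FLAGS, HWND = 0x111, 0x222, 0x333   # placeholder handle/flag values
naive = invoke(rect, [HMENU, FLAGS, m(RECT["left"]), m(RECT["bottom"]), HWND, 0])
fixed = invoke(rect, [HMENU, FLAGS, m(RECT["left"] + 12), m(RECT["bottom"] + 8), HWND, 0])
by_value = invoke(rect, [HWND, 0, m(4), 2])[2]        # dword[esp+4]
by_addr = invoke(rect, [HWND, 0, ("addr", 4), 2])[2]  # addr esp+4
bare_esp = invoke(rect, [HWND, 0, ("esp",), 2])[2]    # esp
print(same, reverse, naive[2:4], fixed[2:4], hex(by_value), hex(by_addr), hex(bare_esp))
```

In the model, `dword[esp+4]` hands the callee the RECT's `left` value as if it were a pointer, a bare `esp` points 4 bytes below the RECT at the just-pushed point count, and only `addr esp+4` yields the RECT's address.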
Teehee 02 Jan 2010, 15:53
Yeah, I see Smile

I didn't know about that 'addr' keyword. Where can I read about it?

and, how can I use esp indirectly?
revolution 02 Jan 2010, 15:54
Teehee wrote:
and, how can I use esp indirectly?
Code:
mov ebp,esp
...
invoke SomeThing,[ebp],eax,...    
Teehee 02 Jan 2010, 15:59
it crashes..
Code:
sub      esp, sizeof.RECT
mov     ebp, esp
invoke   SendMessage,[hToolBar],TB_GETRECT,[eax+NMTOOLBAR.iItem], ebp
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,ebp,2

invoke   LoadMenu,[hInstance],LAB_MENU
mov      ebx, eax  ; EBX = hMenu
invoke   GetSubMenu,eax,0
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
                         [ebp+RECT.left],[ebp+RECT.bottom],[hMainWnd],NULL
invoke   DestroyMenu,ebx
add      esp, sizeof.RECT    


Last edited by Teehee on 02 Jan 2010, 16:06; edited 1 time in total
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.