flat assembler
Message board for the users of flat assembler.

mov BX to EAX ~ the newbiest question

Borsuc
I compiled with "format PE" in FASM and the 'stackreserve' size is 4096. Are you sure it gives you 1MB even if less is specified in the header?
Post 11 Jan 2010, 16:37
revolution
Borsuc: Try it. Write a little app and see where it breaks.

And, no, I am not sure, that is why I put "IIRC" in there to indicate that I may be misremembering it or confusing it with something else.
Post 11 Jan 2010, 16:40
Borsuc
I used the code
Code:
        mov ebp, esp
        push eax
        @@:
        sub esp, 4096-4
        push eax
        jmp @b
seems to be giving an exception at 0x0003F000, or 258048 bytes.

Post 11 Jan 2010, 17:01
revolution
My XP SP2 box fails at 0x3D000.
Post 11 Jan 2010, 17:26
LocoDelAssembly
Code:
format pe gui 4.0
include 'win32ax.inc'
;stack 512*1024*1024    ; uncomment to reserve a 512 MB stack instead of the default


.code
start:
        invoke  SetUnhandledExceptionFilter, ExceptionHandler
        xor     ecx, ecx            ; ecx counts the calls (4 bytes of stack each)
        mov     ebx, esp            ; remember the entry-point stack pointer

.loop:
        inc     ecx
        call    .loop               ; recurse until the stack guard page faults

report:
        mov     esp, ebx            ; back on the original stack
        shl     ecx, 2              ; calls * 4 = bytes that were available
        sub     esp, 256            ; scratch buffer for the message text
        mov     ebx, esp

        cinvoke wsprintf, ebx, "Stack available at entry point: %u bytes.", ecx

        invoke  MessageBox, 0, ebx, "Report", MB_ICONINFORMATION
        invoke  ExitProcess, 0

ExceptionHandler:
        mov     eax, [esp+4]        ; EXCEPTION_POINTERS*
        mov     eax, [eax+4]        ; EXCEPTION_POINTERS.ContextRecord

        mov     dword [eax+184], report ; CONTEXT.Eip: resume execution at 'report'
        mov     eax, -1             ; EXCEPTION_CONTINUE_EXECUTION

   .exit:
        ret     4

.end start

Stack available at entry point: 249800 bytes. (with default stack)

Stack available at entry point: 536858568 bytes. (with stack line uncommented)

WinXP SP3

Edit: This on a Win7 64-bit (using the same 32-bit executable):
Stack available at entry point: 249744 bytes. (with default stack)
Post 11 Jan 2010, 18:12
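LocoDelAssembly's program measures what the loader actually hands the thread; the matching check is to read what the header asks for. The following is an added example, not code from the thread or from fasm, written in C with function names of my own: it extracts SizeOfStackReserve (the field fasm's stack directive fills in) from a PE32 or PE32+ optional header, returns 0 instead of reading out of bounds when the image is malformed or truncated, and runs on a constructed header rather than a real file.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Little-endian field readers; PE headers are always little-endian. */
static uint32_t rd16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | rd16(p + 2) << 16; }

/* SizeOfStackReserve from the optional header (offset 72 in both PE32 and
 * PE32+); returns 0 when the image is malformed or too short to hold it. */
uint64_t pe_stack_reserve(const uint8_t *img, size_t len)
{
    if (len < 0x40 || rd16(img) != 0x5A4D) return 0;              /* "MZ" */
    size_t pe = rd32(img + 0x3C);                                  /* e_lfanew */
    if (pe > len - 24 || rd32(img + pe) != 0x00004550) return 0;   /* "PE\0\0" */
    const uint8_t *opt = img + pe + 24;                            /* after COFF header */
    size_t opt_len = rd16(img + pe + 20);                          /* SizeOfOptionalHeader */
    if (opt_len > len - pe - 24) opt_len = len - pe - 24;          /* clamp to the buffer */
    if (opt_len < 2) return 0;
    uint32_t magic = rd16(opt);
    if (magic == 0x10B && opt_len >= 76)                           /* PE32: 4-byte field */
        return rd32(opt + 72);
    if (magic == 0x20B && opt_len >= 80)                           /* PE32+: 8-byte field */
        return rd32(opt + 72) | (uint64_t)rd32(opt + 76) << 32;
    return 0;
}

/* Constructed sample: MZ stub + PE32 headers with no sections, not a real file. */
static size_t build_sample_pe32(uint8_t *buf, uint32_t reserve)
{
    const size_t pe = 0x40, n = pe + 24 + 96;
    memset(buf, 0, n);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3C] = (uint8_t)pe;
    memcpy(buf + pe, "PE\0\0", 4);
    buf[pe + 20] = 96;                       /* SizeOfOptionalHeader, no data directories */
    uint8_t *opt = buf + pe + 24;
    opt[0] = 0x0B; opt[1] = 0x01;            /* Magic = 0x10B (PE32) */
    for (int i = 0; i < 4; i++) opt[72 + i] = (uint8_t)(reserve >> (8 * i));
    return n;
}

/* Put `reserve` into a sample image, optionally truncate it to `len` bytes
 * (0 = whole image), and read the field back through the parser. */
uint64_t sample_reserve(uint32_t reserve, size_t len)
{
    uint8_t buf[256];
    size_t n = build_sample_pe32(buf, reserve);
    return pe_stack_reserve(buf, len && len < n ? len : n);
}
```

Comparing the field with the figure the program above reports shows whether the loader honoured the header value or applied its own minimum.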
Teehee
May seem weird... but I don't know how to do a simple 'if' like this:

Code:
if ((x >= 10 && x <= 20) || (x >= 30 && x <= 40))
{
 ; ok
}
else
{
 ; no
}

How does it go in asm?
Post 13 Jan 2010, 15:50
revolution
Code:
mov eax,[x]
cmp eax,10
jb .no
cmp eax,40
ja .no
cmp eax,20
jbe .yes
cmp eax,30
jb .no
.yes:
  ;Woo-hoo
jmp .next
.no:
  ;Boo-hoo
.next:
Post 13 Jan 2010, 15:55
Teehee
But don't we use the AND or OR instructions?
Post 13 Jan 2010, 15:59
revolution
You want logical AND and OR, not binary AND and OR.

But you could use things like SETcc to avoid the jumps and (x)OR/AND the results together; that is slightly more advanced and uses extra registers.
Post 13 Jan 2010, 16:03
LocoDelAssembly
If you need a long-circuit version then you could use some ANDs and ORs:
Code:
mov eax, [x]
; (x >= 10 && x <= 20)
cmp eax, 10
setge dl
cmp eax, 20
setle dh
and dl, dh

; (x >= 30 && x <= 40)
cmp eax, 30
setge cl
cmp eax, 40
setle ch
and cl, ch

; ((x >= 10 && x <= 20) || (x >= 30 && x <= 40))
or dl, cl
jz .else
.if:
; ...
jmp .endif
.else:
; ...
.endif:
Post 13 Jan 2010, 16:08
Teehee
*_*

A few questions:
1. Does 'setge CL' set all 8 bits of CL to 1?
2. Is jb = jl?
Post 13 Jan 2010, 16:15
revolution
Teehee wrote:
*_*

A few questions:
1. Does 'setge CL' set all 8 bits of CL to 1?
2. Is jb = jl?
Have you read the Intel/AMD manuals? They explain how all the instructions work. No sense repeating it all here when the official manuals do such a good job.
Post 13 Jan 2010, 16:17
Teehee
humpf.

Post 13 Jan 2010, 16:23
LocoDelAssembly
But I'd better make some clarifications:
1. No, only the lowest bit; the rest are cleared.
2. No. I've assumed signed integers, and revolution's example was with unsigned integers.
Post 13 Jan 2010, 16:25
Borsuc
Teehee wrote:
But don't we use the AND or OR instructions?
Those are bitwise instructions, not logical. They are the equivalent of '&' and '|' in C, not '&&' and '||'.

In other words, '&' is the bitwise and instruction (acts on individual bits, not the whole number), and '&&' is logical and, which has to be done with comparisons and conditional logic.

Post 13 Jan 2010, 17:06
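The two posted versions of the range check, the jb/jl question and the bitwise-versus-logical point above, carried through in C as an added example that is not from the thread (function names are my own): the in-range functions mirror the two assembly versions instruction for instruction in the comments, and the last pair shows why a bounds check must compare with the signedness of its data, since the same 32-bit pattern passes a signed "less than" and fails the unsigned one.

```c
#include <stdint.h>

/* Branchy form with unsigned compares (jb/ja/jbe), mirroring revolution's
 * version; the comments give the instruction each line stands for. */
int in_range_jumps(uint32_t x)
{
    if (x < 10)  return 0;   /* cmp eax,10 ; jb  .no  */
    if (x > 40)  return 0;   /* cmp eax,40 ; ja  .no  */
    if (x <= 20) return 1;   /* cmp eax,20 ; jbe .yes */
    if (x < 30)  return 0;   /* cmp eax,30 ; jb  .no  */
    return 1;                /* .yes                  */
}

/* SETcc form with signed compares (setge/setle), mirroring LocoDelAssembly's
 * version. Each compare leaves a 0/1 byte, which is exactly why bitwise
 * AND/OR on those bytes behaves like logical && and || here. */
int in_range_setcc(int32_t x)
{
    uint8_t dl = x >= 10, dh = x <= 20;   /* setge dl ; setle dh */
    uint8_t cl = x >= 30, ch = x <= 40;   /* setge cl ; setle ch */
    return ((dl & dh) | (cl & ch)) != 0;  /* and dl,dh ; and cl,ch ; or dl,cl ; jz .else */
}

/* Without the 0/1 normalisation the trick breaks: & on arbitrary non-zero
 * values is not &&. Returns 1 when the two operators disagree (e.g. 2 and 1). */
int bitwise_and_disagrees_with_logical(uint32_t a, uint32_t b)
{
    return (a && b) != ((a & b) != 0);
}

/* jb vs jl: the same 32-bit pattern compared unsigned vs signed. A bounds
 * check that uses the signed form on an unsigned length lets 0xFFFFFFFF
 * ("-1") pass as being below the limit. */
int below_unsigned(uint32_t x, uint32_t limit) { return x < limit; }                  /* jb */
int less_signed(uint32_t x, uint32_t limit)    { return (int32_t)x < (int32_t)limit; } /* jl */
```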
Teehee
Borsuc wrote:
Those are bitwise instructions, not logical. They are the equivalent of '&' and '|' in C, not '&&' and '||'.

In other words, '&' is the bitwise and instruction (acts on individual bits, not the whole number), and '&&' is logical and, which has to be done with comparisons and conditional logic.


Ohhhhhhhh... now I got it!
Thanks!

Post 13 Jan 2010, 17:10
Teehee
Please confirm whether making a struct without a macro is done like this:
Code:
POINT:
 .x dd ?
 .y dd ?


Thanks in advance.
Post 31 Jan 2010, 19:15
Borsuc
Yeah, that's correct, but obviously an uninitialized struct.
Post 31 Jan 2010, 19:21
Teehee
Does a [win?] program always start at the 0x0041000 address?

I noticed that looking in OllyDbg. However, if I run 2 programs (in OllyDbg), both start at the 0x0041000 address. Can someone explain that to me?

Post 01 Feb 2010, 16:59
Borsuc
It's called virtual memory. Every process (program) has its own address space -- note that in "physical" RAM it's actually scattered all over... sort of like a fragmented file: in virtual offsets it is contiguous, but in physical locations it can be scattered.

And the address is just the default one for the code section, you may be able to change it (I think)... doesn't really matter though.

Post 01 Feb 2010, 17:59
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.