flat assembler
FASM accept negative immediates in ENTER and INT

LocoDelAssembly
Code:
enter 4, -128
int -101

That compiles with the latest FASM. Shouldn't it be disallowed? In any case, of course, FASM only allows numbers that are encodable as imm8, but it is somewhat odd to accept -1 as 255 in the context of those instructions (and any other where negative values make no sense).

I made these tests after looking into a recent thread hopcode participated in, talking about the ENTER instruction.

PS: I'm half convinced of what I'm saying above, so for that reason I'm not flagging it as a bug.
Post 21 Jan 2010, 04:28
revolution
Code:
retn -4
Post 21 Jan 2010, 04:34
LocoDelAssembly
Code:
irps instr, ret retn retf
{
  instr -4
}

And surely there are more instructions. What do you think, is it OK to allow that?
Post 21 Jan 2010, 04:39
revolution
LocoDelAssembly wrote:
What do you think, is it OK to allow that?
No. I think it should be changed. Often these constants can become obscured by macros and symbolic names, so the programmer can find it hard to know that negative values are being assembled without any error being generated.
Post 21 Jan 2010, 04:44
Madis731
Isn't it nitpicking? I've always wondered why there is a SUB instruction when you can perfectly and legally exchange it with a negative ADD instruction, but I don't consider it evil.
add eax,-1 is perfectly okay too.

Then you have to wonder what algorithmic importance an xor eax,-4 has. I am opposed to the idea of having FASM decide how we should code. If one's worried about negative horror then it's the job of the macros:
if imm8<0 then display "Warning: "#imm8#" is not a supported value" etc.
Post 21 Jan 2010, 07:30
revolution
Madis731: "SUB eax,ebx", how to do that with ADD?

"add eax,-1" is okay, since it is a 2's complement adder.

But "retn -4" does not use a 2's complement adder internally. The CPU will do the "wrong" thing: if you are expecting "ret / add esp,-4", you won't get it.
Post 21 Jan 2010, 07:47
revolution
Code:
include 'win32ax.inc'

.code

begin:
    repeat  16
        sub     esp,4092
        push    eax
    end repeat
    pop     eax             ;esp=esp-65532
    call    test_retn
    invoke  ExitProcess,0

test_retn:
    retn    -4

.end begin
Even OllyDbg displays "retn 0xFFFC". "-4" is not really correct. Although not a serious problem, I think it is still something that needs looking at.
Post 21 Jan 2010, 07:55
hopcode
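To make the encoding question concrete, here is a small Python model, added to this thread and not part of fasm or of any poster's code. It truncates a negative immediate into an unsigned imm8/imm16 field the way a permissive assembler does, offers the stricter unsigned-only check as an alternative, and then applies the CPU's own semantics for RETN imm16 (pop the return address, add the zero-extended immediate to ESP) to revolution's test program above. The field-fitting rule and the starting ESP value are assumptions; the instruction semantics follow the x86 definition.

```python
# Added example for this thread (not fasm's code, not any poster's code): a model of
# storing a negative immediate into an unsigned field and of what RETN imm16 then
# does with it.  Encoding rule = assumption; RETN semantics = x86 definition.

MASK32 = 0xFFFFFFFF


def is_encodable(value: int, bits: int, allow_negative: bool = True) -> bool:
    """True if `value` fits an imm field of `bits` bits.

    allow_negative=True mimics the permissive behaviour discussed in the thread:
    anything from -2^(bits-1) up to 2^bits-1 is accepted.  allow_negative=False is
    the stricter rule the thread argues for (the field is unsigned, so 0..2^bits-1).
    """
    lo = -(1 << (bits - 1)) if allow_negative else 0
    hi = (1 << bits) - 1
    return lo <= value <= hi


def fit_immediate(value: int, bits: int, allow_negative: bool = True) -> int:
    """Return the raw bits stored in the instruction, or raise if not encodable."""
    if not is_encodable(value, bits, allow_negative):
        raise ValueError(f"{value} does not fit in imm{bits}")
    return value & ((1 << bits) - 1)  # two's-complement truncation: -4 -> 0xFFFC


def retn_imm16(esp: int, imm16: int) -> int:
    """RETN imm16 in 32-bit mode: pop the 4-byte return address, then add the
    ZERO-extended (not sign-extended) immediate to ESP.  Returns the new ESP."""
    esp = (esp + 4) & MASK32
    return (esp + (imm16 & 0xFFFF)) & MASK32


def encode_thread_examples() -> dict:
    """The three instructions questioned in the thread and the field bits they assemble to."""
    return {
        "enter 4,-128": fit_immediate(-128, 8),   # 0x80
        "int -101":     fit_immediate(-101, 8),   # 0x9B  (vector 155, not 'minus 101')
        "retn -4":      fit_immediate(-4, 16),    # 0xFFFC
    }


def simulate_retn_minus_4(esp0: int = 0x0012FF80) -> tuple:
    """Replay revolution's test: ESP is first moved down by 65532 bytes, CALL pushes
    a 4-byte return address, then the callee executes 'retn -4'.

    Returns (esp a programmer expecting 'ret / add esp,-4' would get,
             esp the CPU actually produces for 'retn 0xFFFC').
    esp0 is a constructed starting value."""
    esp_before_call = (esp0 - 65532) & MASK32
    esp_in_callee = (esp_before_call - 4) & MASK32       # after CALL
    expected = (esp_before_call - 4) & MASK32            # ret, then add esp,-4
    actual = retn_imm16(esp_in_callee, fit_immediate(-4, 16))
    return expected, actual


if __name__ == "__main__":
    for text, raw in encode_thread_examples().items():
        print(f"{text:14s} -> immediate field 0x{raw:X}")
    expected, actual = simulate_retn_minus_4()
    print(f"expected ESP 0x{expected:08X}, actual ESP 0x{actual:08X}")
```

The two values returned by `simulate_retn_minus_4` show the point of revolution's program: the 65532-byte adjustment is chosen so that `retn 0xFFFC` brings ESP back to exactly where it started, which is 65536 bytes away from what `ret / add esp,-4` would have produced.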
- add eax,-1 is not the problem, no fasm change.
- int -101 not necessary, even if int -3 is not int 3; that is to say, there is no useful internal operation over the imm8 in the int instruction. Anyway, because it is an imm8, a fasm change could inhibit users thinking negative (int -3 instead of int 0FDh) to avoid undesirable results; in fact, in this way they could only use absolute imm8 values.
- retn -4 no fasm change, it is the user's responsibility to avoid errors.
- enter 4,-128 no fasm change, it is not necessary.
Also, my opinion: if it is useful, it is for those instructions, no change.
Post 21 Jan 2010, 08:23
Borsuc
revolution wrote:
Madis731: "SUB eax,ebx", How to do with ADD?
I think he was talking about SUB with an immediate. That is worthless and wastes encoding space.
Post 21 Jan 2010, 16:56
revolution
Borsuc wrote:
I think he was talking about SUB with an immediate. That is worthless and wastes encoding space.
No, not worthless, in x86 the flags are set differently.
Post 21 Jan 2010, 17:00
Madis731
@revolution - yes
and
@Borsuc - yes and no

I'm sorry, but I didn't think about immediates (though I should have). I thought that in general SUB is a waste of encoding space, but... well, sub eax,ebx is great to have.

What I was actually trying to prove is that sometimes add eax,-1 is more obfuscated than sub eax,1. I cannot prove, however, that ret or int will have uses in some code.

Therefore I shall argue no more.
Post 21 Jan 2010, 22:25
Borsuc
Which flags? The carry flag?
Post 22 Jan 2010, 17:51
revolution
Borsuc wrote:
Which flags? The carry flag?
Yes, and also the overflow flag.
Post 22 Jan 2010, 17:56
baldr
The overflow flag will be different only when (for 32-bit operands) 0x80000000 is added/subtracted (because -0x80000000==0x80000000). And don't forget AF (albeit nobody cares about it).
Post 22 Jan 2010, 20:41
revolution
Overflow flag will be different for other values also.

0x80000000 + 0xffffffff ---> carry, no overflow
0x80000000 - 0x00000001 ---> overflow, no carry
Post 23 Jan 2010, 02:57
baldr
revolution,

0x80000000+0xFFFFFFFF… No overflow, really? -2**31+(-1)==-(2**31+1), which does not fit in signed 32-bit.
Post 23 Jan 2010, 04:02
LocoDelAssembly
Yep, this crashes:
Code:
format pe gui 4.0

mov eax, 0x80000000
add eax, 0xffffffff
into
ret ; I don't care if someone visits this thread in 2020
Post 23 Jan 2010, 04:14
revolution
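As an added example (not code from this thread), the following Python model of the 32-bit ADD and SUB flag logic checks the claims exchanged above: that `add x,-k` and `sub x,k` give the same result but opposite CF for every non-zero k, that OF differs only when k is 0x80000000 (baldr's point), that AF can differ too, and that `0x80000000 + 0xffffffff` sets OF, which is why the `into` in the program above traps. The flag definitions are the standard x86 ones; the sample operand values are constructed.

```python
# Added example for this thread (not any poster's code): a 32-bit ADD/SUB flag model
# used to check the CF/OF/AF discussion.  Flag rules are the standard x86 ones;
# SAMPLE_VALUES is a constructed set of operands.

MASK32 = 0xFFFFFFFF
SAMPLE_VALUES = (0, 1, 0xF, 0x10, 0x40000000, 0x7FFFFFFF,
                 0x80000000, 0x80000001, 0xFFFFFFFF)


def add32(a: int, b: int) -> dict:
    """ADD a,b with 32-bit operands: result and CF/OF/AF as the ALU sets them."""
    a &= MASK32
    b &= MASK32                      # a Python negative such as -k becomes its two's complement
    full = a + b
    res = full & MASK32
    sa, sb, sr = a >> 31, b >> 31, res >> 31
    return {
        "result": res,
        "CF": int(full > MASK32),                   # unsigned carry out of bit 31
        "OF": int(sa == sb and sr != sa),           # signed overflow
        "AF": int((a & 0xF) + (b & 0xF) > 0xF),     # carry out of bit 3
    }


def sub32(a: int, b: int) -> dict:
    """SUB a,b with 32-bit operands."""
    a &= MASK32
    b &= MASK32
    res = (a - b) & MASK32
    sa, sb, sr = a >> 31, b >> 31, res >> 31
    return {
        "result": res,
        "CF": int(a < b),                           # unsigned borrow
        "OF": int(sa != sb and sr != sa),           # signed overflow
        "AF": int((a & 0xF) < (b & 0xF)),           # borrow into bit 3
    }


def differing_flags(x: int, k: int) -> dict:
    """Which of result/CF/OF/AF differ between 'add x,-k' and 'sub x,k'."""
    a, s = add32(x, -k), sub32(x, k)
    return {f: (a[f], s[f]) for f in ("result", "CF", "OF", "AF") if a[f] != s[f]}


def ks_where_of_differs(xs=SAMPLE_VALUES, ks=SAMPLE_VALUES) -> list:
    """Values of k for which 'add x,-k' and 'sub x,k' disagree on OF for some x."""
    return sorted({k for k in ks for x in xs
                   if add32(x, -k)["OF"] != sub32(x, k)["OF"]})


def cf_always_opposite(xs=SAMPLE_VALUES, ks=SAMPLE_VALUES) -> bool:
    """For every non-zero k, CF of 'add x,-k' is the complement of CF of 'sub x,k'."""
    return all(add32(x, -k)["CF"] != sub32(x, k)["CF"]
               for k in ks if k for x in xs)


def into_traps(a: int, b: int) -> bool:
    """INTO raises #OF exactly when the preceding ADD left OF set."""
    return add32(a, b)["OF"] == 1


if __name__ == "__main__":
    print("0x80000000 + 0xffffffff:", add32(0x80000000, 0xFFFFFFFF))
    print("0x80000000 - 1:         ", sub32(0x80000000, 1))
    print("add eax,-1 vs sub eax,1 at 0x80000000 differ in:", differing_flags(0x80000000, 1))
    print("k values where OF differs:", [hex(k) for k in ks_where_of_differs()])
    print("CF always opposite for k != 0:", cf_always_opposite())
```

`differing_flags` is the compact answer to the SUB-versus-ADD question in this thread: the result is identical, CF is always inverted, AF can differ, and OF only differs for the single operand 0x80000000.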
Forget about my overflow example.
Post 23 Jan 2010, 04:33
hopcode
mmh... I don't know if I'm mistaken, but it seems to me as if we are playing in a Buñuel movie (one of my favourite directors, with Tarkowskij and Fassbinder), exactly "El ángel exterminador" (http://en.wikipedia.org/wiki/The_Exterminating_Angel_%28film%29), by the fact that we discuss round and round on fasm at a "bourgeois" level without safe exit, neglecting (one of) the most important concepts of fasm, that is to say, the 10 or more years of sssO experience of fasm, in a few words, the WYSIWYG feature, that makes fasm so different from other fuzzy-funky-thingy-kopflos-zusamenfassungen compilers. For that feature, one learns in less time (this is what happens to me) and outputs automatically aware less "tricks" as compared to other compilers' output. Why obfuscate that capability?

Cheers,
hopcode

(is that provoking?)
Post 25 Jan 2010, 13:11
bitRAKE
If the processor operates with an unsigned number then negative numbers are incorrect. Since FASM correctly errors in some cases and has the precision to detect a number out of bounds, I assume the implementation is just incomplete rather than having this behavior as a feature. Hiding coding errors is never desirable.
Post 26 Jan 2010, 05:56
Copyright © 1999-2020, Tomasz Grysztar.