flat assembler
Message board for the users of flat assembler.

C's malloc

sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 19 Mar 2010, 15:07
Just re-learning assembler, and I made this example program to practice some file access.

Ran my program through Ollydbg and it appears malloc is allocating twice the number of bytes that I am specifying. Maybe I am doing something wrong?

The code
Code:
add [memalloc], 1831


Makes the program work correctly. It is basically the size of the file + 10 bytes + 1 byte for zero terminator. Take out the code and it displays nothing. I got this value through Ollydbg and a memory dump of the malloc's allocated memory.

The rest of the program appears to be sound.

See code below...

Code:
format PE CONSOLE
entry start

include 'win32a.inc'

section '.text' code readable executable

SEEK_END equ 2


start:
        ; open the file in text mode ("r+") and keep the FILE* in fileopen
        cinvoke fopen, license_file, mode
        mov [fileopen], eax

        ; size the buffer: seek to the end, read the position, add 1 for the zero terminator
        cinvoke fseek, [fileopen], 0, SEEK_END
        cinvoke ftell, [fileopen]
        inc eax
        mov [filesize], eax

        cinvoke rewind, [fileopen]

        ; allocate filesize bytes; memalloc holds the pointer malloc returned
        cinvoke malloc, [filesize]
        mov [memalloc], eax

        ; fgets stores at most filesize-1 bytes and stops at the first newline
        cinvoke fgets, [memalloc], [filesize], [fileopen]

        ; the work-around under discussion: 1831 = file size + 10 + 1, so this moves
        ; the pointer past the end of the block malloc returned
        add [memalloc], 1831

        cinvoke printf, string, [memalloc]

        cinvoke fclose, [fileopen]
        ; memalloc no longer holds the address malloc returned, so free receives the shifted pointer
        cinvoke free, [memalloc]
        cinvoke getchar

        invoke ExitProcess,0

section '.data' data readable writable

license_file db "D:\Fasm\license.txt",0
mode         db "r+",0
fileopen     rd 1          ; FILE* from fopen
filesize     rd 1          ; ftell result + 1

memalloc     rd 1          ; buffer pointer from malloc
string       db "%s",0


section '.idata' import data readable writeable

library msvcrt, 'msvcrt.dll', \
        kernel32, 'kernel32.dll'

import msvcrt, getchar, 'getchar', fopen, 'fopen', fclose, 'fclose', fgets, 'fgets', ftell, 'ftell', fseek, 'fseek', printf, 'printf', \
       malloc, 'malloc', free, 'free', rewind, 'rewind'

import kernel32, \
       ExitProcess, 'ExitProcess'
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 19 Mar 2010, 15:45
Quote:
char * fgets ( char * str, int num, FILE * stream );

Get string from stream
Reads characters from stream and stores them as a C string into str until (num-1) characters have been read or either a newline or the End-of-File is reached, whichever comes first.
sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 19 Mar 2010, 16:03
Thanks for your reply, but could you elaborate more?

I know how to use fgets, and it should return the same address it wrote to on success, which it does per a check in Ollydbg. Am I overlooking something?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 19 Mar 2010, 16:08
Quote:
... until (num-1) characters have been read or either a newline or the End-of-File is reached ...
Check your input file. It has some CRs or LFs at the start.
sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 19 Mar 2010, 20:12
Thanks for pointing that out. It makes sense now why it doesn't work. When the program is run, the output shows the cursor a couple of lines below where it should be, as if there are a couple of returns and then a linefeed. Anyway, I will check it out.
sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 20 Mar 2010, 00:20
Ok got it to work with fgetc.

Code:
        mov esi, [memalloc]            ; esi walks the buffer from its start

write_char:
        cinvoke fgetc, [fileopen]      ; next byte in eax, or EOF (-1) when none is left
        cmp eax, -1
        je done
        mov byte [esi], al
        inc esi
        jmp write_char

done:
        mov byte [esi], 0              ; zero-terminate so printf "%s" stops here


I am still baffled about the whole file still being printed in memory with the old code. It is as if fgets loaded the whole file into a buffer for some reason and then worked on it, weird.


Anyone want to add anything like a better way to do this besides using fgetc and a loop? Suggestions?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 20 Mar 2010, 00:34
sandman_1 wrote:
I am still baffled about the whole file still being printed in memory with the old code. It as if fgets loaded the whole file in a buffer for some reason and then worked on it, weird.
What you saw in memory was msvcrt.dll allocating another memory block after your block and loading the file there before transferring the first line to your buffer.

In general, you should not be accessing buffers from other code unless you like to get all sorts of strange errors and/or crashes when msvcrt.dll next changes. It is also not guaranteed that the memory block msvcrt.dll allocates will always be directly after your block, don't rely on such behaviour.
sandman_1 wrote:
Anyone want to add anything like a better way to do this besides using fgetc and a loop? Suggestions?
Why not just use fread:
Quote:
size_t fread ( void * ptr, size_t size, size_t count, FILE * stream );

Read block of data from stream
Reads an array of count elements, each one with a size of size bytes, from the stream and stores them in the block of memory specified by ptr.
The position indicator of the stream is advanced by the total amount of bytes read.
The total amount of bytes read if successful is (size * count).
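The two behaviours discussed in this thread, fgets stopping at the first newline and fread pulling the whole stream in one call, shown side by side in C against the same C runtime functions the fasm program imports. This is an added example, not code from the thread or from the fasm project; the input file is a constructed in-memory sample that starts with a CR/LF pair (standing in for the license.txt the poster describes), and the function names are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input (not the real license.txt): it begins with a CR/LF
 * pair, which is the condition the thread identifies as the cause. */
static const char SAMPLE[] = "\r\nflat assembler license\r\nsecond line\r\n";

/* Open a temporary stream holding SAMPLE, positioned at the start. */
static FILE *open_sample(void)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return NULL;
    if (fwrite(SAMPLE, 1, sizeof SAMPLE - 1, f) != sizeof SAMPLE - 1) {
        fclose(f);
        return NULL;
    }
    rewind(f);
    return f;
}

/* Size the stream the way the original program does: seek to the end, ftell,
 * then rewind. A negative ftell is reported as -1 instead of being used. */
static long stream_size(FILE *f)
{
    long end;
    if (fseek(f, 0, SEEK_END) != 0)
        return -1;
    end = ftell(f);
    rewind(f);
    return end;
}

/* fgets path: stores at most bufsize-1 bytes and stops at the first '\n'.
 * With SAMPLE it stores "\r\n" and nothing else. Returns the bytes stored. */
size_t first_line_len(void)
{
    char buf[64];
    size_t n = 0;
    FILE *f = open_sample();
    if (f == NULL)
        return 0;
    if (fgets(buf, (int)sizeof buf, f) != NULL)
        n = strlen(buf);
    fclose(f);
    return n;
}

/* fread path: one call for the whole stream into a heap buffer of size+1
 * bytes, terminated after the bytes actually read (a short read is tolerated).
 * The caller frees the returned pointer, which is exactly what malloc gave. */
char *read_whole_stream(FILE *f, size_t *out_len)
{
    long size = stream_size(f);
    char *buf;
    size_t got;
    if (size < 0)
        return NULL;
    buf = malloc((size_t)size + 1);
    if (buf == NULL)
        return NULL;
    got = fread(buf, 1, (size_t)size, f);
    buf[got] = '\0';
    if (out_len != NULL)
        *out_len = got;
    return buf;
}

/* Reads SAMPLE through read_whole_stream and reports how many bytes came back. */
size_t whole_len(void)
{
    size_t n = 0;
    char *data;
    FILE *f = open_sample();
    if (f == NULL)
        return 0;
    data = read_whole_stream(f, &n);
    fclose(f);
    free(data);   /* pointer unchanged since malloc, so this free is valid */
    return n;
}

int main(void)
{
    printf("fgets stored %zu byte(s); fread returned %zu byte(s)\n",
           first_line_len(), whole_len());
    return 0;
}
```

The fread version keeps the pointer malloc returned untouched until free, and terminates the buffer at the count fread actually delivered rather than at the size ftell predicted, which is what you want when the stream is opened in text mode and CR/LF translation makes the byte count come up short.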
sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 20 Mar 2010, 02:38
Thanks for the info. I will heed your advice.


Good idea! I will try using that instead in my code, thank you.
sandman_1



Joined: 19 Mar 2010
Posts: 16
sandman_1 20 Mar 2010, 15:55
fread worked like a charm, but the setup code to use it is about the same as the loop I made. There is only one function call, though, so it is more efficient compared to several fgetc's. Thanks again for your suggestion...
Copyright © 1999-2025, Tomasz Grysztar.