flat assembler
Message board for the users of flat assembler.

push value instead of address?

primer
Joined: 05 Nov 2010
Posts: 12
Hi, I have a small test program that prints out the PI number as follows:

Code:
format PE console

include 'win32ax.inc'
.data
        mrw dd 0
        fmt db "%f",0
        pi dd 0.0
        buf db 256 dup(0)
.code

start:
        push ebx
        push esi
        push edi
        invoke GetStdHandle,STD_OUTPUT_HANDLE
        mov ebx,eax
        FLDPI
        FSTP [pi]
        cinvoke sprintf,buf,fmt,[pi]            ; <-- the line in question
        stdcall strprint,ebx,buf
        invoke CloseHandle,ebx
        pop edi
        pop esi
        pop ebx
        invoke ExitProcess,0
proc strprint mhandle:DWORD,mstr:DWORD
        local lmrw:DWORD
        invoke lstrlen,[mstr]
        mov ecx,eax
        ; WriteFile wants the address of the bytes-written variable, not its value
        invoke WriteFile,[mhandle],[mstr],ecx,addr lmrw,0
        ret
endp

.end start


The problem is that the marked line always assembles to 'push address_of_pi' instead of the pi value. I also tried 'cinvoke sprintf,buf,fmt,dword ptr pi', 'cinvoke buf,fmt,pi' ... and still no success. I used masm before, so fasm confuses me a lot. I'm using fasm 1.69.25. Please help me to correct it.
Thanks.
Post 05 Nov 2010, 17:34
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17350
Location: In your JS exploiting you and your system
Your code as posted assembles to: push dword[0x00401007].

Seems fine to me.

Do you have a custom version of the cinvoke macro?
Post 05 Nov 2010, 17:38
windwakr
Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
Has to be a double.

Code:
format PE console

include 'win32ax.inc'
.data
        mrw dd 0
        fmt db "%f",0
        pi dq 0.0
        buf db 256 dup(0)
.code

start:
        push ebx
        push esi
        push edi
        invoke GetStdHandle,STD_OUTPUT_HANDLE
        mov ebx,eax
        FLDPI
        FSTP [pi]                               ; pi is dq, so this stores 8 bytes
        cinvoke sprintf,buf,fmt,double [pi]     ; 'double [x]' pushes both dwords of x
        stdcall strprint,ebx,buf
        invoke CloseHandle,ebx
        pop edi
        pop esi
        pop ebx
        invoke ExitProcess,0
proc strprint mhandle:DWORD,mstr:DWORD
        local lmrw:DWORD
        invoke lstrlen,[mstr]
        mov ecx,eax
        ; WriteFile wants the address of the bytes-written variable, not its value
        invoke WriteFile,[mhandle],[mstr],ecx,addr lmrw,0
        ret
endp

.end start

EDIT: Errrr, that code doesn't work, but it does have to be a double.

Post 05 Nov 2010, 17:50
primer
Joined: 05 Nov 2010
Posts: 12
I'm sorry, revolution, you're right, I got confused when I saw the disassembly code

Code:
fldpi
fstp    flt_401007
push    flt_401007
push    offset Format   ; "%f"
push    offset Buffer   ; Dest
call    ds:sprintf

but I still cannot make it print out the right value.
Post 05 Nov 2010, 18:01
primer
Joined: 05 Nov 2010
Posts: 12
windwakr wrote:
Has to be a double.
[code quoted as in windwakr's post above]
EDIT: Errrr, that code doesn't work, but it does have to be a double.

Yes, but I remember that a float number only uses 4 bytes.
Post 05 Nov 2010, 18:09
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17350
Location: In your JS exploiting you and your system
primer: Are you sure the sprintf library function will print a single with the f parameter? Check the specification for sprintf.
Post 05 Nov 2010, 18:23
primer
Joined: 05 Nov 2010
Posts: 12
Finally, I got a runnable version:
Code:
format PE console

include 'win32ax.inc'
.data
        mrw dd 0
        fmt db "%0.8f",0
        pi dd 0.0
        buf db 256 dup(0)
.code

start:
        push ebx
        push esi
        push edi
        invoke GetStdHandle,STD_OUTPUT_HANDLE
        mov ebx,eax
        FLDPI
        sub esp,8
        fstp qword [esp]        ; fasm syntax for the 8-byte store (fasm has no 'ptr')
        cinvoke sprintf,buf,fmt ; the double left on the stack becomes the third argument
        stdcall strprint,ebx,buf
        invoke CloseHandle,ebx
        pop edi
        pop esi
        pop ebx
        invoke ExitProcess,0
proc strprint mhandle:DWORD,mstr:DWORD
        local lmrw:DWORD
        invoke lstrlen,[mstr]
        mov ecx,eax
        ; WriteFile wants the address of the bytes-written variable, not its value
        invoke WriteFile,[mhandle],[mstr],ecx,addr lmrw,0
        ret
endp

.end start

But the trick (as I saw VC++ do it) does not look very nice. Is there any better way to do that? I don't know how to push a qword using cinvoke.
@windwakr: you're right, sprintf only accepts a double param, so I must convert the 4-byte float into an 8-byte double first.
Post 05 Nov 2010, 18:26
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17350
Location: In your JS exploiting you and your system
Your stack is unbalanced. The sub esp,8 is not undone with add esp,8 later.
Post 05 Nov 2010, 18:28
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17350
Location: In your JS exploiting you and your system
primer wrote:
I don't know how to push a qword using cinvoke.
windwakr gave you the example code.
Post 05 Nov 2010, 18:30
MHajduk
Joined: 30 Mar 2006
Posts: 6038
Location: Poland
Code:
format PE console

entry start

include 'win32ax.inc'

.data
        OutputFmt       db "Pi value = %0.8f", 0
        pi              dq 0.0

.code
start:
        fldpi
        fstp    [pi]

        ; arguments are pushed in reverse, so [pi+4] goes first and [pi] last:
        ; the callee sees the 8 bytes of the double in little-endian order
        cinvoke printf, OutputFmt, dword [pi], dword [pi+4]

        cinvoke getchar

        invoke  ExitProcess, 0

section '.idata' import data readable writeable

        library kernel32, 'kernel32.dll',\
                msvcrt, 'msvcrt.dll'

        import  kernel32,\
                ExitProcess, 'ExitProcess'

        import  msvcrt,\
                getchar, 'getchar',\
                printf, 'printf'

Post 05 Nov 2010, 18:35
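The point revolution and windwakr make (a "%f" conversion always reads an 8-byte double from the argument area) and the two-dword push in MHajduk's listing can be checked outside the assembler. The following is an added example, not code from the thread or from fasm: it models the 8-byte argument slot on 32-bit little-endian x86, first filled the way the first post fills it (a 4-byte single followed by whatever stale bytes happen to sit above it) and then the way `cinvoke ... dword [pi], dword [pi+4]` (equivalently `double [pi]`) fills it. A C compiler would promote a `float` to `double` for a variadic call on its own; the hand-written assembly in the thread has no such promotion, which is the whole problem. The function names and the stale-byte value are this example's own assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the thread. Models the 8-byte argument slot that a
   "%f" conversion reads on 32-bit x86 (little-endian, cdecl). */

/* Pi as fldpi delivers it, rounded to each storage format. */
static const double PI_D = 3.141592653589793;
static const float  PI_F = 3.14159274f;

/* Reads 8 bytes from the argument area as a double, exactly as "%f" does. */
static double read_slot_as_double(const unsigned char slot[8]) {
    double d;
    memcpy(&d, slot, sizeof d);
    return d;
}

/* Models "cinvoke sprintf,buf,fmt,[pi]" with "pi dd": only 4 bytes of a single
   reach the stack, so the callee's 8-byte read takes 4 stale bytes with it.
   stale_dword stands for whatever sat above the argument (constructed value). */
static double single_pushed_as_is(float single, uint32_t stale_dword) {
    unsigned char slot[8];
    memcpy(slot, &single, 4);           /* push dword [pi] */
    memcpy(slot + 4, &stale_dword, 4);  /* bytes the callee reads but nobody pushed */
    return read_slot_as_double(slot);
}

/* Models "cinvoke printf,fmt,dword [pi],dword [pi+4]" with "pi dq" (the same
   stack image that "double [pi]" produces): the macro pushes the arguments in
   reverse, so [pi+4] lands at the higher address and [pi] at the lower one. */
static double double_pushed_as_two_dwords(double value) {
    uint32_t dw[2];                     /* dw[0] = [pi], dw[1] = [pi+4] */
    memcpy(dw, &value, sizeof dw);
    unsigned char slot[8];
    memcpy(slot + 4, &dw[1], 4);        /* push dword [pi+4]  (pushed first) */
    memcpy(slot,     &dw[0], 4);        /* push dword [pi]    (pushed last)  */
    return read_slot_as_double(slot);
}

/* Formats with the "%0.8f" the later posts use; returns the text length. */
static int format_pi(char *buf, size_t n, double v) {
    return snprintf(buf, n, "%0.8f", v);
}

int main(void) {
    char buf[64];
    /* constructed stale bytes: pretend the "%f" string sat right above the float */
    format_pi(buf, sizeof buf, single_pushed_as_is(PI_F, 0x00662500u));
    printf("single pushed as-is  : %s\n", buf);
    format_pi(buf, sizeof buf, double_pushed_as_two_dwords(PI_D));
    printf("double as two dwords : %s\n", buf);
    return 0;
}
```

With the stale dword at zero the misread slot decodes as a denormal near 5e-315, so the first line prints 0.00000000 rather than anything resembling pi; the two-dword image decodes back to the original double and prints 3.14159265. Swapping the two memcpy targets in `double_pushed_as_two_dwords` reproduces what happens if the dwords are listed in the wrong order in cinvoke.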
primer
Joined: 05 Nov 2010
Posts: 12
OK, the last question, sorry if it does not relate to this thread.
I saw that the hello world example has a statement like this:

invoke MessageBox,HWND_DESKTOP,"Hi! I'm the example program!",invoke GetCommandLine,MB_OK

Is there a document about such macros (inner invoke), or do I have to look into the source code of some include file of fasm?
Post 05 Nov 2010, 18:48
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17350
Location: In your JS exploiting you and your system
Post 05 Nov 2010, 18:54

Copyright © 1999-2020, Tomasz Grysztar.