flat assembler
Message board for the users of flat assembler.

masm32 offset and addr
Enko
I was checking the iczelion's tutorials and found again that addr should be used instead of offset.

Just out of curiosity, I searched for some better explanation about the difference between both, and found this:

http://www.hitxp.com/comp/pro/asm/120403.htm

some quotes

Quote:
We cannot receive the address of a local variable by using OFFSET
as the address of a local variable is not decided during assembly time.

I understand, the design of masm is different, so it can't replace this at runtime:
mov [arg1], eax

to get

mov [ebp-4], eax

Quote:
What ADDR actually does is a simple substitution in the code as follows,
just before the function is executed.

lea eax, localvar
push eax

MH...... I don't get it

Quote:
If you still did not get it, then imagine a situation as follows.

then it goes bla bla bla bla bla till....

Quote:
But then, why does ADDR use LEA instead of MOV in case of local variables.
Well, for the simple reason that

mov eax,ebp+2

is an invalid CPU instruction.

mov eax, [ebp+2] is an invalid CPU instruction? yes sure...

Now the question for someone who made the blasphemy of using masm:

why are there addr and offset? A bad design?

not the differences, the differences are all over the net, but why use two different keywords for addressing memory space.
Post 12 Jul 2011, 01:13
typedef
wtf? I posted and then it got deleted?
Post 12 Jul 2011, 01:21
typedef
Anyways, what I was saying is that by using mov [arg1], eax you must tell the computer how many bytes are being moved, otherwise it would be a mess.
Post 12 Jul 2011, 01:22
revolution
I'm not sure what you are asking here. MASM is what it is, talking about it here (on the fasm board) won't effect any change to MASM.
Post 12 Jul 2011, 01:24
revolution
typedef wrote:
wtf ? I posted an then it got deleted ?
Looks like your timing was unfortunate. I deleted the duplicate topic and there were no replies at the time I was looking. You must have posted just before it was deleted and thus I never saw it. Sorry for the inconvenience.
Post 12 Jul 2011, 01:27
Enko
typedef wrote:
mov [arg1], eax you must tell the computer how many bytes are being moved otherwise it would be a mess.

shouldn't both be DWORD in this case? eax should set the destination size, otherwise it's impossible to know.

Quote:
MASM is what it is, talking about it here (on the fasm board) won't effect any change to MASM.

I'm not criticizing masm, I just want to understand why this kind of approach is used.
If I post on some masm32 board, saying "man... on fasm I just put the var inside [] but on this shit I have to use sometimes addr, sometimes offset, then what the hell is going on!?"
They won't take it kindly ;)
Post 12 Jul 2011, 01:35
typedef
Enko wrote:
typedef wrote:
mov [arg1], eax you must tell the computer how many bytes are being moved otherwise it would be a mess.

shouldn't both be DWORD in this case? eax should set the destination size, otherwise it's impossible to know.

What if
Code:
proc anotherProc
  push DWORD x                ; a 4-byte argument
  push WORD  memReference     ; a 2-byte argument
  stdcall  [myProc]
  ret
endp

proc myProc ; no specified args, so arg1 is not declared here
  mov [arg1],eax  ;arg1 = ESP+8 = WORD memReference, eax = DWORD ?
                  ;or maybe a byte ?
  ret
endp

@revolution :D :D :D

I was like what the hell happened :lol:
Post 12 Jul 2011, 01:57
revolution
Enko wrote:
I'm not criticizing masm, I just wan't to understand why is used this kind of aproach.
If I post in some masm32 board, saying "man... on fasm I just put the var inside [] but on this shit I have to use sometimes addr sometimes offset, the what the hell is goind on!?"
They won't take it kindly ( Wink )
Sure, you can ask here about how to use MASM if you want to. Although the MASM board would seem to provide more chance of someone actually knowing the answer. Perhaps your approach just needs some refinement. Try this instead:
Quote:
When is it correct to use ADDR and/or OFFSET in MASM? I'm confused by the difference.
tia for your answers
This might elicit a somewhat more friendly response from the MASM community than your suggestion above. ;)
Post 12 Jul 2011, 02:05
Enko
Quote:
proc anotherProc

push DWORD x
push WORD memReference
stdcall [myProc]
ret
endp

proc myProc ; no specified args
mov [arg1],eax

But if you don't specify the args... where is "arg1" defined? The assembler should complain, saying: arg1 not defined.

Quote:
proc mPproc, arg1:WORD, arg2:DWORD
mov [arg1], eax ;<<<<<< operand size mismatch

Revolution:
I guess your approach is more forum friendly.

But really, I do understand the difference somehow. (for simplification, addr is used in conjunction with invoke for passing a local var as an argument).
The real question is, why not use the same keyword and let the assembler decide.

And I do understand that it is this way because of the design. So let me reformulate the question.
What is different in the masm design compared with fasm that makes the masm users use two different keywords?
Post 12 Jul 2011, 04:19
Enko
I think I got it now, the article confused me.
Quote:
mov eax,ebp-4 ;MASM

The article said that it is not a valid instruction.

I think what the author wanted to say is that:
Quote:
mov eax, offset ebp-4 ;masm
mov eax, ebp-4; fasm

is not a valid instruction. And it's correct.
This happens when you want to pass a local variable to another function as a reference.

push ebp-4 ; is not a valid instruction; FASM
push offset ebp-4; not valid MASM

it should be:
lea eax, [ebp-4]
push eax

so that is what addr does. (win32ax.inc has this macro; as I don't use it, I didn't know)

And the other thing why I couldn't get it is that I never had to pass a local variable as a reference... in assembly language there are lots of registers for this job)

so finally:
addr can only be used with invoke.
it will work almost like offset, except when a local variable is pushed.

so, in a few words:
offset in masm is an operator (the inverse of [] in fasm)
addr in the msdn does not appear in the list of directives (invoke) nor operators.
But it does say in the explanation of the invoke directive:
"an address expression (an expression preceded by ADDR"

so addr starts an "address expression", so I guess it should be a "directive"

Last edited by Enko on 12 Jul 2011, 05:17; edited 1 time in total
Post 12 Jul 2011, 04:52
typedef
yep, local variable passing: Not a good idea when working on industry standard secure software...hehe.. That is why they want the caller to allocate space first
Post 12 Jul 2011, 05:02
Enko
typedef wrote:
yep, local variable passing: Not a good idea when working on industry standard secure software

I never did it, it looked somehow very strange to me.

But what is the security problem with passing a pointer to the stack to a function? (on windows)
Post 12 Jul 2011, 05:20
sinsi
ADDR can be used for both local vars (on the stack) and global vars (in .data for e.g.). MASM only makes an obj file, it is the linker that makes the exe.
If MASM finds ADDR used with a local var it knows that it needs to create code (usually something like 'lea eax,[ebp+x]'). If it is used with a global var it treats it as OFFSET and tells the linker it needs a fixup.

I prefer FASM in this regard since you explicitly need [] around vars
Code:
  var dword 2

  ;loading from memory
  mov eax,[var] ;FASM syntax, MASM will use this correctly
  mov eax,var ;MASM syntax, exactly the same as above

  ;loading the address
  mov eax,OFFSET var ;MASM syntax
  mov eax,var ;FASM syntax, exactly the same as above but MASM will treat it as loading from memory

Plenty of FASM questions are asked at masm32 since some of us use both :)
Post 12 Jul 2011, 05:21
Enko
sinsi wrote:
Plenty of FASM questions are asked at masm32 since some of us use both :)

I only used masm for about 5 days, and then tried fasm. There were much fewer examples and tutorials for fasm, but it looked much more friendly to me.
So, I never opened the masm forum, really strange, googling for some help or something, I never had a link to the masm forum, didn't know it exists xD (masm32.com/board?)
Post 12 Jul 2011, 05:29
sinsi
I started programming in the late '80s and MASM was the only thing around, so I was forced to use it.
I still use it for windows programming since the masm32 board has lots of info and the masm32 package has all the includes and libraries needed as well as tons of tutorials/examples.
The only problem is the license, Microsoft let hutch use MASM/ML but you can only write programs for MS operating systems (legally that is).

http://www.masm32.com/board/index.php
Post 12 Jul 2011, 05:45
revolution
Enko wrote:
push ebp-4 ; is not a valid instruction; FASM
Erm, that is valid actually. It assembles to two instructions, push ebp / push -4.
Code:
foo equ ebp-4
virtual at ebp-4
  bar dd ?
end virtual

push foo ;okay, assembles to two instructions.
push bar ;error: push (ebp-4) fails
Post 12 Jul 2011, 13:17
ctl3d32
From iczelion's tutorial 2:
Quote:
The addr operator is used to pass the address of a label to the function. It's valid only in the context of invoke directive. You can't use it to assign the address of a label to a register/variable, for example. You can use offset instead of addr in the above example. However, there are some differences between the two:

  addr cannot handle forward reference while offset can. For example, if the label is defined somewhere further in the source code than the invoke line, addr will not work.

    invoke MessageBox,NULL, addr MsgBoxText,addr MsgBoxCaption,MB_OK
    ......
    MsgBoxCaption  db "Iczelion Tutorial No.2",0
    MsgBoxText     db "Win32 Assembly is Great!",0

  MASM will report error. If you use offset instead of addr in the above code snippet, MASM will assemble it happily.

  addr can handle local variables while offset cannot. A local variable is only some reserved space in the stack. You will only know its address during runtime. offset is interpreted during assembly time by the assembler. So it's natural that offset won't work for local variables. addr is able to handle local variables because of the fact that the assembler checks first whether the variable referred to by addr is a global or local one. If it's a global variable, it puts the address of that variable into the object file. In this regard, it works like offset. If it's a local variable, it generates an instruction sequence like this before it actually calls the function:

    lea eax, LocalVar
    push eax

  Since lea can determine the address of a label at runtime, this works fine.
Post 12 Jul 2011, 13:49
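Pulling the thread's points together as an added example (not code from any post here, nor from the fasm package itself): fasm-syntax source showing the value/address distinction for a global, and the lea/push pair that MASM's ADDR generates for a local. It assumes fasm's win32a.inc includes and a hypothetical stdcall routine use_buffer that takes one pointer argument.

```asm
; Added example (not from any post in this thread). Assumes fasm with the
; win32a.inc includes; use_buffer is a hypothetical routine taking one pointer.
format PE GUI 4.0
entry start
include 'win32a.inc'

section '.data' data readable writeable
  global_var dd 2                  ; address known when the image is built

section '.code' code readable executable

proc use_buffer, pbuf
  mov  eax, [pbuf]                 ; the pointer argument
  mov  dword [eax], 0              ; write through it
  ret
endp

proc demo
  local buf:DWORD                  ; lives at [ebp-4]; address known only at run time

  ; value vs address of a global: the brackets decide, as in sinsi's post
  mov  eax, [global_var]           ; MASM: mov eax,global_var          (load contents)
  mov  eax, global_var             ; MASM: mov eax,OFFSET global_var   (load address)

  ; passing the global by reference: an immediate address is enough
  stdcall use_buffer, global_var   ; MASM: invoke use_buffer, OFFSET global_var

  ; passing the local by reference: 'push ebp-4' does not push a pointer
  ; (revolution shows it assembles as push ebp / push -4), so compute the
  ; address with lea first; this lea/push pair is what ADDR expands to in MASM
  lea  eax, [buf]
  stdcall use_buffer, eax          ; MASM: invoke use_buffer, ADDR buf

  mov  eax, [buf]                  ; value of the local; size comes from eax (DWORD)
  ret
endp

start:
  stdcall demo
  invoke  ExitProcess, 0

section '.idata' import data readable
  library kernel32, 'KERNEL32.DLL'
  import  kernel32, ExitProcess, 'ExitProcess'
```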
Copyright © 1999-2020, Tomasz Grysztar.