flat assembler
Message board for the users of flat assembler.

get size of function

taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 16 Mar 2014, 07:25
I don't know whether this would be useful or not, but let me post this.

This code contains the functions 'func1' and 'get_func_size'.
The program starts and calls get_func_size to get the size of 'func1',
then prints the size of the function with printf.

The getch is used to avoid exiting automatically.

Please reply if you have any suggestions.

Code:
format PE console
entry start
include "win32a.inc"
msg: db 'print integer: %d',10,0

func1:
        push ebp
        mov ebp, esp
        invoke printf, msg, 0
        add esp, 8
        mov esp, ebp
        pop ebp
        ret
        dd func1
.size: dd $ - func1


;get_func_size(func)
get_func_size:
        push ebp
        mov ebp, esp
        mov ecx, 0
        mov edx, [ebp+8]
        jmp .loop1
.loop2:
        inc ecx
.loop1:
        cmp dword [edx+ecx], edx
        jne .loop2
        mov eax, ecx
        mov esp, ebp
        pop ebp
        ret

start:
        push dword func1
        call get_func_size
        add esp, 4
        invoke printf,msg,eax
        add esp, 8
        invoke getch
        invoke exit

data import
     library msvcrt,'msvcrt.dll'
     import msvcrt,printf,'printf',getch,'_getch',exit,'exit',malloc,'malloc'
end data

_________________
influenced by
elements(Euclid)
rules for the direction of the mind(Descartes)
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 17 Mar 2014, 07:16
If you store the function length before the function entry point then you can simplify the code to something like this:
Code:
        dd      func1.size
func1:
        push    ebp
        mov     ebp,esp
        invoke  printf,msg,0
        add     esp,8
        mov     esp,ebp
        pop     ebp
        ret
.size = $ - func1

get_func_size:
        mov     eax,[esp+4]
        mov     eax,[eax-4]
        ret
In fact you don't even need a separate function to get the size. Your main loop can do this directly:
Code:
mov eax,[func1-4] ;get the size of func1
Or like this:
Code:
start:
        invoke printf,msg,dword[func1-4]
        add esp, 8
        invoke getch
        invoke exit
taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 17 Mar 2014, 07:32
revolution wrote:
If you store the function length before the function entry point then you can simplify the code to something like this:
Code:
        dd      func1.size
func1:
        push    ebp
        mov     ebp,esp
        invoke  printf,msg,0
        add     esp,8
        mov     esp,ebp
        pop     ebp
        ret
.size = $ - func1

get_func_size:
        mov     eax,[esp+4]
        mov     eax,[eax-4]
        ret
In fact you don't even need a separate function to get the size. Your main loop can do this directly:
Code:
mov eax,[func1-4] ;get the size of func1
Or like this:
Code:
start:
        invoke printf,msg,dword[func1-4]
        add esp, 8
        invoke getch
        invoke exit


Good idea, thanks.
I wonder if you have an idea on how to insert into or remove from a function (flexible size),
and get the flexible size.

Will you let me know if you know?

revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 17 Mar 2014, 07:41
What do you mean by "flexible size"?
taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 17 Mar 2014, 07:57
revolution wrote:
What do you mean by "flexible size"?


I would like to modify a function at runtime.
It may change the function's size.
The flexible size I mentioned is the size of a function which is modifiable
(a function which may change its content).
Thanks for your reply anyway~!

revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 17 Mar 2014, 08:06
Do you mean self-modifying code (SMC)?

Anyhow, if you lengthen/shrink the function then you can adjust the .size value stored in memory also. Of course your code section must be writeable.

BTW: SMC generally performs very poorly on a caching CPU. Just saying.
taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 17 Mar 2014, 09:00
revolution wrote:
Do you mean to self modifying code (SMC)?

Anyhow, if you lengthen/shrink the function then you can adjust the .size value stored in memory also. Of course your code section must be writeable.

BTW: SMC generally performs very poorly on a caching CPU. Just saying.


Thanks for your reply.
If I want to lengthen by 1 instruction,
do I need to get the instruction's size and recalculate the size?
I wonder how I can get the instruction's size?

Thanks

baldr



Joined: 19 Mar 2008
Posts: 1651
baldr 17 Mar 2014, 12:03
taeyun wrote:
I wonder how I can get the instruction's size?
There are so-called length disassemblers, routines that decode instruction (usually partially) and return its total length.

Modifying the code in binary form is a non-trivial task at least. Are you familiar with disassembling?
cod3b453



Joined: 25 Aug 2004
Posts: 618
cod3b453 17 Mar 2014, 17:26
If you're only writing code ("modification" is still possible if you write the same code with different values over the top), you could even invoke/include FASM to do the instruction encoding for you; the output would tell you the size, avoiding the need for a "compatible" disassembler.
taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 17 Mar 2014, 18:36
What about using a script language such as Ruby
to make an 'opcode and size table.txt'
and referring to it to modify and recalculate the size of the function?
Would it be complicated?
taeyun



Joined: 12 Jan 2014
Posts: 42
Location: south korea
taeyun 17 Mar 2014, 18:38
baldr wrote:
taeyun wrote:
I wonder how I can get the instruction's size?
There are so-called length disassemblers, routines that decode instruction (usually partially) and return its total length.

Modifying the code in binary form is a non-trivial task at least. Are you familiar with disassembling?


I wonder how a 'length disassembler' works.
Maybe it refers to some table? (opcode and size table)

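The length disassembler baldr mentions, and taeyun's guess that it works from an opcode table, as an added example in C (not code from the thread or from fasm): a small table-driven x86-32 length decoder, plus a walker that recomputes the size of a function by stepping through it instruction by instruction until the ret. The byte string is a constructed sample of how fasm would plausibly encode the thread's func1 (assumed encoding; the msg address and the printf import slot are placeholder values), and the decoder covers only one-byte opcodes with no prefixes.

```c
#include <stdint.h>
#include <stddef.h>
/* Bytes used by a ModRM byte plus any SIB byte and displacement (32-bit addressing). */
static int modrm_len(const uint8_t *p)
{
    int mod = p[0] >> 6, rm = p[0] & 7, len = 1;
    if (mod == 3) return 1;                                   /* register operand, nothing follows */
    if (rm == 4) len++;                                       /* SIB byte present */
    if (mod == 0 && (rm == 5 || (rm == 4 && (p[1] & 7) == 5))) return len + 4; /* disp32, no base */
    return len + (mod == 1 ? 1 : mod == 2 ? 4 : 0);           /* disp8 / disp32 / none */
}
/* Instruction length at p (one-byte opcodes, no prefixes, 32-bit mode); -1 if unsupported or truncated. */
int x86_insn_len(const uint8_t *p, size_t avail)
{
    if (avail == 0) return -1;
    uint8_t op = p[0]; int modrm = 0, imm = 0, len = 1;
    if (op <= 0x3F && (op & 7) <= 3) modrm = 1;                               /* add..cmp r/m forms */
    else if ((op >= 0x50 && op <= 0x5F) || op == 0x90 || op == 0xC3) {}       /* push/pop r32, nop, ret */
    else if (op == 0xC2) imm = 2;                                              /* ret imm16 */
    else if (op == 0x6A || op == 0xEB || (op >= 0x70 && op <= 0x7F)) imm = 1; /* push imm8, jmp/jcc rel8 */
    else if (op == 0x68 || op == 0xE8 || op == 0xE9 || (op >= 0xB8 && op <= 0xBF)) imm = 4; /* push imm32, call/jmp rel32, mov r32,imm32 */
    else if (op == 0x80 || op == 0x83 || op == 0xC6) modrm = 1, imm = 1;      /* alu r/m,imm8 ; mov r/m8,imm8 */
    else if (op == 0x81 || op == 0xC7) modrm = 1, imm = 4;                    /* alu r/m32,imm32 ; mov r/m32,imm32 */
    else if ((op >= 0x84 && op <= 0x8B) || op == 0x8D || op == 0x8F || op == 0xFE || op == 0xFF) modrm = 1; /* test/xchg/mov, lea, pop/inc/dec/call/jmp/push r/m */
    else return -1;                                                            /* 0F escape, prefixes, F6/F7 groups: not decoded */
    if (modrm) { if (avail < 2) return -1; len += modrm_len(p + 1); }
    return (size_t)(len + imm) <= avail ? len + imm : -1;
}

/* Walk straight-line code from the entry point through the first ret and return the size in bytes,
 * as a length disassembler would recompute it after a patch; -1 if undecodable or no ret (single exit assumed). */
int func_size_by_walk(const uint8_t *code, size_t avail)
{
    size_t off = 0;
    while (off < avail) {
        uint8_t op = code[off];
        int n = x86_insn_len(code + off, avail - off);
        if (n < 0) return -1;
        off += (size_t)n;
        if (op == 0xC3 || op == 0xC2) return (int)off;
    }
    return -1;
}

/* Constructed sample: func1 from the thread as fasm would plausibly encode it (assumed; addresses are placeholders). */
static const uint8_t FUNC1[] = {
    0x55, 0x89, 0xE5, 0x6A, 0x00, 0x68, 0x00, 0x10, 0x40, 0x00,                  /* push ebp; mov ebp,esp; push 0; push msg */
    0xFF, 0x15, 0x00, 0x20, 0x40, 0x00, 0x83, 0xC4, 0x08, 0x89, 0xEC, 0x5D, 0xC3 /* call [printf]; add esp,8; mov esp,ebp; pop ebp; ret */
};
```

Walking FUNC1 yields 23 bytes, the same value the `dd func1` marker scan in the first post returns; a decoder like this is what would have to run after each patch to keep that stored size correct.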
m3ntal



Joined: 08 Dec 2013
Posts: 296
m3ntal 18 Mar 2014, 00:35
Quote:
store the function length before the function entry point
Quote:
you don't even need a separate function to get the size
Exactly what I was thinking but didn't want to respond.

taeyun: Why are you interested in self-modifiable code? What are you trying to load and execute?

I'd love to see examples of dynamic recompilation, especially converting to/from ARM and I32. Who can convert ARM instructions like ldr to/from I32? I have a native ARM assembler partially working in bare metal but am not prepared to post.
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 24 Aug 2014, 07:55
m3ntal wrote:
I have a native ARM assembler partially working in bare metal but am not prepared to post.
Then you shouldn't talk about that which you cannot do, my main man. Cool
Copyright © 1999-2024, Tomasz Grysztar.