Index
> Windows > Convert Algorithm to x64 |
| Author |
|
|
revolution 10 May 2015, 12:01
At a bare minimum you only need to change the calling convention (probably to fastcall) and the registers used for addressing. Registers used for data don't "need" to be changed.
|
|||
10 May 2015, 12:01 |
|
|
yq8 10 May 2015, 21:52
Okay,
I tried it, so here again, this is the working x86 code (with fixed jumps) Code: push ebp mov ebp, esp sub esp, 0xc mov eax, [ebp+0x8] mov [ebp-0x4], eax mov eax, [ebp+0xc] add eax, [ebp-0x4] dec eax mov [ebp-0x8], eax JUMP1: mov eax, [ebp-0x4] cmp eax, [ebp-0x8] jae JUMP2 mov eax, [ebp-0x8] movzx eax, byte [eax] mov [ebp-0x9], al mov edx, [ebp-0x8] mov eax, [ebp-0x4] movzx eax, byte [eax] mov [edx], al mov edx, [ebp-0x4] movzx eax, byte [ebp-0x9] mov [edx], al lea eax, [ebp-0x4] inc dword [eax] lea eax, [ebp-0x8] dec dword [eax] jmp JUMP1 JUMP2: mov eax, [ebp+0x10] mov edx, [ebp+0x8] mov [eax], edx leave ret 0xc this is what I've come up with after converting by hand. x64 code: Code: push rbp mov rbp, rsp sub rsp, 0x18 mov rax, [rbp+0x10] mov [rbp-0x8], rax mov rax, [rbp+0x18] add rax, [rbp-0x8] dec rax mov [rbp-0x10], rax JUMP1: mov rax, [rbp-0x8] cmp rax, [rbp-0x10] jae JUMP2 mov rax, [rbp-0x10] movzx rax, byte [rax] mov [rbp-0x12], ax 0x20 mov rdx, [rbp-0x10] mov rax, [rbp-0x8] movzx rax, byte [rax] mov [rdx], ax mov rdx, [rbp-0x8] movzx rax, byte [rbp-0x12] mov [rdx], ax lea rax, [rbp-0x8] inc qword [rax] lea rax, [rbp-0x10] dec qword [rax] jmp JUMP1 JUMP2: mov rax, [rbp+0x20] mov rdx, [rbp+0x10] mov [rax], rdx leave ret 0x18 Still this code is wrong for some reason, I can't get it to work like the x86 code :/ Any idea whats wrong? Can you help me to correct my 64-bit asm code please  |
|||
|
10 May 2015, 21:52 |
|
|
revolution 10 May 2015, 23:39
As with the other thread you forgot convert your calling convention. The parameters won't be on the stack upon entry, they will be in rcx, rdx and r8. And you shouldn't release the stack upon exit with fastcall.
|
|||
|
10 May 2015, 23:39 |
|
|
yq8 11 May 2015, 00:08
Hey,
I really appreciate your help. In which register should the parameters be moved into instead? And can you please explain this a bit more detailed: "And you shouldn't release the stack upon exit with fastcall." I've already read on msdn about this but I've a bit of trouble to understand how everything is connected. What exactly is the mistake in my code? Just that the parameters are in the wrong registers? Incorrect offsets. And about fastcall, I am not entirely sure what this is (I've not worked with x64 asm before yet) Big thanks for talking your time to help me  |
|||
|
11 May 2015, 00:08 |
|
|
revolution 11 May 2015, 00:16
A fastcall function will call the code like this:
Code: mov rcx,parameter1 mov rdx,parameter2 mov r8,parameter3 mov r9,parameter4 sub rsp,8*4 ;make space but do not initialise it call YourFunction add rsp 8*4 ;caller restores the stack And the stack is restored by the caller, so your code should not use any restore value in the "ret". |
|||
|
11 May 2015, 00:16 |
|
|
yq8 11 May 2015, 17:24
Uh, now I am confused.
I am unsure how I should adjust my code so it will use the correct registers  |
|||
|
11 May 2015, 17:24 |
|
|
revolution 12 May 2015, 01:32
For example: to get the first parameter, instead of using "mov rax,[rbp+0x10]" you could use "mov rax,rcx". Or even just use rcx directly instead of transferring it to another register.
|
|||
|
12 May 2015, 01:32 |
|
|
yq8 12 May 2015, 23:35
Is that the only change which needs to be made?
|
|||
|
12 May 2015, 23:35 |
|
|
revolution 13 May 2015, 00:09
No. It was just an example. All the other parameters also need to be considered. And your final "ret" should not have any value after it.
However, that code you are converting looks like something generated from an HLL compiler. It might be better for learning to rewrite the function from scratch directly in assembly and get something that is more readable and efficient. |
|||
|
13 May 2015, 00:09 |
|
< Last Thread | Next Thread > |
Forum Rules:
|