flat assembler
Message board for the users of flat assembler.

Index > Windows > Not a legal Win32 application

Author
Thread Post new topic Reply to topic
l4m2



Joined: 15 Jan 2015
Posts: 648
l4m2
Code:
format pe console
include 'win32ax.inc' 
macro rdt { irp x, pushad, cpuid, popad, rdtsc \{ x \} }

.data
    align 4
    num1 dd -12345
    num2 dd 333

.code 

proc start

    rdt
    mov esi, eax
    mov eax, [num1]
    cdq
    div [num2]
    rdt
    sub esi, eax
    invoke wfprintf, <invoke GetStdHandle,STD_OUTPUT_HANDLE>, <"%d", 10>, esi
    invoke ExitProcess, 0
endp          

(I'm not an Englishman so the Subject is also not what it will say on an English Win32)
P.S. Even if I remove the definition of .data, I got Compile Success.
Post 02 Apr 2016, 13:21
View user's profile Send private message Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1409
Location: Toronto, Canada
AsmGuru62
As I discovered, it is a version mismatch.
I have built an app using VS 2015 on Win 7 and then tried to run it on XP.
Got the exact same misleading error.
I think the format directive has a version part - try to set version 5.1 or 6.
Go to 2.4.2 from here:
http://flatassembler.net/docs.php?article=manual#2.4
Post 02 Apr 2016, 13:30
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
You forgot the ".end"
Code:
.end start    
Post 02 Apr 2016, 13:37
View user's profile Send private message Visit poster's website Reply with quote
l4m2



Joined: 15 Jan 2015
Posts: 648
l4m2
Now okay to run but no output
Code:
format pe console
include 'win32ax.inc' 
macro rdt { irp x, pushad, cpuid, popad, rdtsc \{ x \} }

.data
    align 4
    num1 dd -12345
    num2 dd 333
    stri:
        db '***', 61 dup 0
    dummy dd 1
.code 

proc start

    rdt
    mov esi, eax
    mov eax, [num1]
    cdq
    sub esi, eax
    idiv [num2]
    rdt
    invoke WriteFile, <invoke GetStdHandle,STD_OUTPUT_HANDLE>, stri, \
        <invoke wsprintf, stri, <"%d", 10>, esi>, dummy, 0
    invoke ExitProcess, 0
endp
.end start    
Post 02 Apr 2016, 13:48
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
Yup. wsprintf is a ccall function so you can't use it with the invoke like that, the stack doesn't get restored.
Post 02 Apr 2016, 13:56
View user's profile Send private message Visit poster's website Reply with quote
l4m2



Joined: 15 Jan 2015
Posts: 648
l4m2
revolution wrote:
Yup. wsprintf is a ccall function so you can't use it with the invoke like that, the stack doesn't get restored.
Revolution used invoke; If I use ccall thats a runtime error
Post 02 Apr 2016, 14:13
View user's profile Send private message Reply with quote
l4m2



Joined: 15 Jan 2015
Posts: 648
l4m2
The result is so strange and I can't copy it out from the console:.
740064 686099 306980 01209 1363976 94890 9769264
Post 02 Apr 2016, 14:17
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
l4m2 wrote:
revolution wrote:
Yup. wsprintf is a ccall function so you can't use it with the invoke like that, the stack doesn't get restored.
Revolution used invoke; If I use ccall thats a runtime error
You can use cinvoke to make a DLL ccall.
Post 02 Apr 2016, 14:32
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.