flat assembler
Message board for the users of flat assembler.

Calling printf from COFF
Constantine



Joined: 29 Oct 2016
Posts: 7
Constantine 25 Dec 2016, 06:29
I know how to call printf from a usual PE executable. But in the current project the entry point is in a C++ file, and it calls a function from a COFF written in FASM. I need to call printf from the FASM code. I tried the following:

Code:
format MS COFF

include 'win32axp.inc'

extrn '__imp__printf' as printf:dword

public cutOutTags as '_cutOutTags'

; void cutOutTags(const char * html, char ** tags, int tagsCount, char * res);
        
proc cutOutTags c uses ECX EDX ESI EDI EBP, html:DWORD, tagsToDelete:DWORD, tagsCount:DWORD, res:DWORD
        
        cinvoke printf, "test"
        ret
endp
    


Compilation command line is

Code:
fasm.exe cutTags.asm
g++ -std=c++11 -static -Wall -o sem.exe  sem.cpp cutTags.obj
    


Compilation & linking is OK, but app crashes. What am I doing wrong?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 25 Dec 2016, 06:50
You probably need ccall instead of cinvoke. Invoke is for the Windows API, and ccall is for the C library functions.
Constantine 25 Dec 2016, 07:25
Thanks, but it is still the same. Also, the documentation says that
cinvoke printf, ...
and
ccall [printf], ...
are equivalents.
revolution 25 Dec 2016, 07:35
Drop the brackets.

ccall printf,...
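
Added example (not part of the thread, and not code from any poster): the two call forms discussed above, each paired with the kind of external symbol it expects. The names printf_ptr, printf_fn and demo are made up for illustration, and the '_printf' thunk symbol is assumed to be supplied by the C runtime import library that g++ links for a 32-bit target.

```asm
format MS COFF

include 'win32axp.inc'

; Import-table slot: a DWORD variable that holds printf's address.
extrn '__imp__printf' as printf_ptr:dword
; Call thunk: executable code that jumps through that slot (assumed symbol).
extrn '_printf' as printf_fn

public demo as '_demo'

; int demo(void);  (hypothetical test function)
proc demo c
        cinvoke printf_ptr, "via cinvoke"   ; emits call [printf_ptr]
        ccall [printf_ptr], "via ccall []"  ; same instruction as the line above
        ccall printf_fn, "via thunk"        ; emits call printf_fn, a direct call
        ; Calling printf_ptr directly (no brackets) would target the slot's
        ; 4 data bytes rather than printf itself.
        xor eax, eax                        ; defined return value for the C caller
        ret
endp
```
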
Constantine 25 Dec 2016, 07:39
I tried. It still crashes.
revolution 25 Dec 2016, 07:42
What does the disassembler/debugger show?

Are you sure it crashes on the code you show above?
Constantine 25 Dec 2016, 11:07
I do not use disassembler/debugger.

Yes, if I comment out the printf line, the program runs correctly.
revolution 25 Dec 2016, 11:14
Constantine wrote:
I do not use disassembler/debugger.
It could help you a lot. Especially in cases like this where you don't know what is happening.

Ollydbg
Constantine 25 Dec 2016, 15:51
And how do I find my asm code in the debugger?
revolution 25 Dec 2016, 15:54
When it crashes you will see where it stops.

Or, you can insert int3 just before the call and the debugger will stop there for you to single step onwards.
system error



Joined: 01 Sep 2013
Posts: 670
system error 25 Dec 2016, 17:18
I don't know about the other code you're linking to, but from the source above:

1. Your test string "test" is not null-terminated.
2. Try to get rid of decorated names first. Just use extrn printf, public cutOutTags.
system error 25 Dec 2016, 17:24
If you are to test on cutOutTags alone as a single source, try something like this below and see what more clues you can get from it. I use GoLink to produce the .exe.

Code:
format MS COFF
include 'win32axp.inc'

extrn printf
extrn exit

public cutOutTags

; void cutOutTags(const char * html, char ** tags, int tagsCount, char * res); 
         
proc cutOutTags c uses ECX EDX ESI EDI EBP, html:DWORD, tagsToDelete:DWORD, tagsCount:DWORD, res:DWORD 
         
        push 0          ;C-string null
        push "test"
        push esp
        call printf
        add esp,12
        push 0
        call exit
        ;ret
endp    
revolution 25 Dec 2016, 17:37
system error wrote:
1. Your test string "test" is not null-terminated.
It is properly terminated by both the cinvoke and the ccall macros.

A debugger/disassembler will show you such things. No need to assume here. ;)
system error 25 Dec 2016, 17:47
revo, I don't know much about macros, but no, I don't think so, or at least it doesn't appear that way to me.
revolution 25 Dec 2016, 17:51
system error wrote:
... no, I don't think so or at least doesn't appear that way to me.
Ya, it is. No need to manually add a null if you use the macros as intended.
system error 25 Dec 2016, 17:53
You're right. The string works fine without an explicit terminator.
Constantine 25 Dec 2016, 21:41
The problem was in the outer code. The cutOutTags() function was called from the C++ code as

std::cout << cutOutTags(input.c_str(), argv + 1, argc - 1, out);

Simple call (without std::cout) solves the problem. Thank you guys for helping!

P.S. I still could not get any debugger to work. I tried Ollydbg & x32dbg. Either of them just stops in some obscure place, not giving any crash message or even any reason why it has stopped, and doesn't want to continue tracing. Also, I couldn't find any of my fasm instructions in the exe file. Is there some good manual on debugging?
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.