flat assembler
Message board for the users of flat assembler.

How to call own procedure with parameters

Helga 12 Dec 2017, 21:26
I've got lots of procedures in a DLL file. I need to call them with my own parameters but nothing works. I do something like this:
Code:
section '.data' data readable writeable 
first db 0
handle_to_output_stream dd 0 
reserved                                dd 0 
symbols_was_written     dd 0


proc increment, number
        mov [number], 99
        ret
endp


section '.code' code readable executable 
start: 
        stdcall increment, first
        xor ebx, ebx
        mov bl, [first]    


But even in this small sample without a DLL, the variable first does not change its value after the call of the procedure. I know that I can pass parameters using registers. But I thought that with the macros proc and endproc I can call a procedure as in high-level languages such as C.
Can you give me a working example where a procedure written using the macros proc and endp works?
I really do not understand the working mechanism of these macros and can't even find info about how to pass variables into procedures by value or by address.

donn 12 Dec 2017, 22:40
I don't use proc macros and am typing from a keyboardless-tablet, but if you're looking for ideas, the fasm download examples folder has both 32 and 64 bit template.asm examples which contain procs. Not the best example maybe since they are WindowProcs called indirectly, but they look like:

Code:
proc WindowProc uses ebx esi edi, hwnd,wmsg,wparam,lparam
        cmp     [wmsg],WM_DESTROY
        je      .wmdestroy
  .defwndproc:
        invoke  DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
        jmp     .finish
  .wmdestroy:
        invoke  PostQuitMessage,0
        xor     eax,eax
  .finish:
        ret
endp    


There's no comma after the proc name, not sure if it matters. Definitely a good idea to understand these more before using, but the Examples folder may be able to unblock you if you're stuck today.

revolution 13 Dec 2017, 00:07
Helga: You have the "increment" procedure inside the ".data" section which is not marked as executable. So that increment code can't be executed.

Helga 13 Dec 2017, 04:44
revolution wrote:
Helga: You have the "increment" procedure inside the ".data" section which is not marked as executable. So that increment code can't be executed.

Thanks, but it does not help me anyway. I moved it into such a section
Code:
section '.code' code executable
proc increment number
        mov [number], 99
        ret
endp    

but it still does not change the value of the passed variable after processing. In the debugger I can see that it was executed, but after checking the variable which was passed as a procedure's argument I do not see any changes.

Helga 13 Dec 2017, 04:48
donn wrote:
I don't use proc macros and am typing from a keyboardless-tablet, but if you're looking for ideas, the fasm download examples folder has both 32 and 64 bit template.asm examples which contain procs. Not the best example maybe since they are WindowProcs called indirectly, but they look like:

Code:
proc WindowProc uses ebx esi edi, hwnd,wmsg,wparam,lparam
        cmp     [wmsg],WM_DESTROY
        je      .wmdestroy
  .defwndproc:
        invoke  DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
        jmp     .finish
  .wmdestroy:
        invoke  PostQuitMessage,0
        xor     eax,eax
  .finish:
        ret
endp    


There's no comma after the proc name, not sure if it matters. Definitely a good idea to understand these more before using, but the Examples folder may be able to unblock you if you're stuck today.

Thank you. I've checked them, but all of their procedures are procedures which will be called by Windows indirectly, and I cannot find an example where a proc is called directly with parameters. I found in the docs that the comma after the proc name does nothing: it does not matter in any sense.

revolution 13 Dec 2017, 05:12
If you post a complete minimal example that we can assemble we could help you better.

Tomasz Grysztar 13 Dec 2017, 07:33
Helga wrote:
Thanks, but it does not help me anyway. I moved it into such a section
Code:
section '.code' code executable
proc increment number
        mov [number], 99
        ret
endp    

but it still does not change the value of the passed variable after processing. In the debugger I can see that it was executed, but after checking the variable which was passed as a procedure's argument I do not see any changes.
When you modify [number] you modify the value of the parameter that was passed to the procedure (and stored on the stack). If you passed an address of a variable in this parameter, you need to use this value as a pointer in order to modify that memory location:
Code:
        mov     edx,[number]
        mov     byte [edx],99    
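The by-value versus by-address distinction from the reply above, as an added example that is not part of the original thread: the same proc macros called once with a value and once with an address. The names set_copy, set_through_pointer and counter are made up for illustration, and the include line assumes fasm's INCLUDE directory is configured.

```asm
; Added example (not from the thread): passing by value vs. by address
; with fasm's proc/endp and stdcall macros. All names are hypothetical.
format  PE console
entry   start

include 'win32a.inc'            ; also provides proc, endp, stdcall, invoke

section '.data' data readable writeable
counter dd 5                    ; constructed sample variable (dword, so it can be pushed whole)

section '.code' code readable executable

; By value: "number" names the dword stack slot that holds a copy of the argument.
proc set_copy number
        mov     [number],99     ; overwrites the stack copy only
        ret                     ; inside proc, ret also removes the argument (stdcall)
endp

; By address: the stack slot holds a pointer, so load it, then dereference it.
proc set_through_pointer pnumber
        mov     edx,[pnumber]   ; edx = address pushed by the caller
        mov     dword [edx],99  ; size override required: [edx] alone has no size
        ret
endp

start:
        stdcall set_copy,[counter]          ; brackets: pushes the contents of counter
        mov     ebx,[counter]               ; reads the original value; only the copy changed
        stdcall set_through_pointer,counter ; no brackets: pushes the address of counter
        mov     ecx,[counter]               ; reads the value written through the pointer
        invoke  ExitProcess,ecx             ; exit code carries the final value of counter

section '.idata' import data readable
        library kernel32,'KERNEL32.DLL'
        import  kernel32,ExitProcess,'ExitProcess'
```

The size keyword (byte, word, dword) must match how the variable was declared: a variable defined with db needs byte, as in the thread's code.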

Helga 13 Dec 2017, 09:40
Tomasz Grysztar wrote:
Helga wrote:
Thanks, but it does not help me anyway. I moved it into such a section
Code:
section '.code' code executable
proc increment number
        mov [number], 99
        ret
endp    

but it still does not change the value of the passed variable after processing. In the debugger I can see that it was executed, but after checking the variable which was passed as a procedure's argument I do not see any changes.
When you modify [number] you modify the value of the parameter that was passed to the procedure (and stored on the stack). If you passed an address of a variable in this parameter, you need to use this value as a pointer in order to modify that memory location:
Code:
        mov     edx,[number]
        mov     byte [edx],99    

Thank you for the answer! It works.
Can you explain these two lines to me in more depth?
When we do
Code:
mov edx, [number]    

we move the address of the passed value to edx, and in the next line
Code:
 mov     byte [edx],99    

we modify it using the command byte, which will interpret the value of edx as the address of a one-byte variable?
Am I right?

Helga 13 Dec 2017, 09:46
revolution wrote:
If you post a complete minimal example that we can assemble we could help you better.

Thank you for your patience, Tomasz did it. But I'll post the full version of the code anyway. Maybe it will help someone, or you will find more mistakes here.
Code:
format  PE Console  
entry   start                    

include 'C:\FASM\INCLUDE\win32a.inc'
include 'C:\FASM\INCLUDE\MACRO\PROC32.INC'
 
section '.data' data readable writeable 
first db 0

section '.code' code executable
proc increment number
        mov edx,[number] 
        mov byte [edx],99
        ret
endp

section '.code' code readable executable 
start: 
        stdcall increment, first
        xor ebx, ebx
        mov bl, [first]
        
FINISH :         

        invoke  ExitProcess, 0 
         
section '.idata' import readable 
        library kernel, 'KERNEL32.DLL',\ 
        ascidc,         'ascidc.dll',\
        user32,'USER32.DLL'
import  kernel,\         
        ExitProcess,    'ExitProcess'     

revolution 13 Dec 2017, 09:52
Not really problems, but you don't need the second include of proc32 because win32a already includes it. Also you have two code sections, and although they have different flags I don't see any reason why they can't all be combined into one section. Plus the FINISH label is not used anywhere.
Code:
format  PE Console
entry   start

include 'win32a.inc'

section '.data' data readable writeable
first db 0

section '.code' code executable

proc increment number
        mov edx,[number]
        mov byte [edx],99
        ret
endp

start:
        stdcall increment, first
        xor ebx, ebx
        mov bl, [first]
        invoke  ExitProcess, 0

section '.idata' import readable

        library kernel, 'KERNEL32.DLL',\
        ascidc,         'ascidc.dll',\
        user32,'USER32.DLL'
        import  kernel,\
        ExitProcess,    'ExitProcess'    

Helga 13 Dec 2017, 15:07
revolution wrote:
Not really problems, but you don't need the second include of proc32 because win32a already includes it. Also you have two code sections, and although they have different flags I don't see any reason why they can't all be combined into one section. Plus the FINISH label is not used anywhere.

Thank you for the advice! I understood and corrected everything in my code.

Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.