flat assembler
Message board for the users of flat assembler.
Index
> Tutorials and Examples > Planned file format tutorials |
A tutorial for which format would you like me to write first? | |||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Total Votes : 23 |
Author |
|
revolution 11 Jul 2018, 01:14
Since PE is the most commonly used format, then this is the place to start IMO. Some of the less used parts can be safely ignored, also IMO.
MZ is "simple" of course, but many people can't easily run the 16-bit programs on their 64-bit OSes. |
|||
11 Jul 2018, 01:14 |
|
ProMiNick 11 Jul 2018, 05:31
I can`t say anything against PE as first one. So maybe elf be second (in case of elf: libraries are more interest then executables itself). And Mach-O third.
|
|||
11 Jul 2018, 05:31 |
|
Ali.Z 11 Jul 2018, 20:01
Other: .sys (device driver)
|
|||
11 Jul 2018, 20:01 |
|
Tomasz Grysztar 11 Jul 2018, 20:28
Ali.A wrote: Other: .sys (device driver) Well, I could also put LE (which was used for Win9x device drivers among other things) on the list next to OMF. Both are mostly irrelevant today. |
|||
11 Jul 2018, 20:28 |
|
fasmnewbie 21 Jul 2018, 20:48
Isn't MZ / COFF part of PE structure? You can''t explain one without involving the other(s). I mean there's a COFF header somewhere in a PE format.
|
|||
21 Jul 2018, 20:48 |
|
Tomasz Grysztar 21 Jul 2018, 21:23
fasmnewbie wrote: Isn't MZ / COFF part of PE structure? You can''t explain one without involving the other(s). I mean there's a COFF header somewhere in a PE format. I am already midway through with writing the first chapter of the tutorials, about PE. I use a dummy stub, so I do not need to explain much about MZ. In fact, I could probably get away with explaining next to nothing, but to keep up appearances I at least set up the stub length fields properly, so the stub appears valid even though it has no actual code. As for the COFF, of course I mention it, as it is the main source of some of strange and/or obsolete values, but PE really does use only a few of the COFF's structures and the linkable object in COFF format is very, very different from an executable PE image. Things like relocations are done completely differently - obviously for linkable object relocations are much more complex. PE does not use a symbol table, which is essential for object COFF, etc. etc. Therefore COFF by itself deserves another chapter. Though I think that when I'm finished with PE I'm going to go for ELF first. |
|||
21 Jul 2018, 21:23 |
|
fasmnewbie 21 Jul 2018, 21:42
It will be a useful read indeed. I am eager to know how, for example, one can change the structure of a PE format and still get away with it without the OS complaining.
For example, GoLink managed to put the "PE" signature at offset 0x60 rather than the usual 0x80 as specified. Interesting. |
|||
21 Jul 2018, 21:42 |
|
Tomasz Grysztar 21 Jul 2018, 21:49
fasmnewbie wrote: For example, GoLink managed to put the "PE" signature at offset 0x60 rather than the usual 0x80 as specified. If the moving offset of PE looked strange to you, please try this: take the source code of FASMW and replace the first line (FORMAT directive) with: Code: format PE GUI 4.0 large NX on '..\fasmd\fasmd.exe' What you get is a dual executable, it should show up as FASMD when run in DOS and as FASMW when run in Windows. |
|||
21 Jul 2018, 21:49 |
|
DimonSoft 21 Jul 2018, 23:00
Looking forward to read whatever will be the result. Tweet about the source of 0x10B value is the kind of things I love most in such texts: the way history shines through modern abstractions and formats.
|
|||
21 Jul 2018, 23:00 |
|
moveax41h 25 Jul 2018, 17:34
fasmnewbie wrote: It will be a useful read indeed. I am eager to know how, for example, one can change the structure of a PE format and still get away with it without the OS complaining. You and a few others here may be interested in some related work I did in this area: https://toddcullumresearch.com/2017/07/16/portable-executable-file-corruption/ _________________ -moveax41h |
|||
25 Jul 2018, 17:34 |
|
catafest 10 Aug 2018, 17:14
I think a good tutorial / tutorials about FASM can be start with this title:
"How to manage a big project with FASM" in order to have/see the flow of good ways of programming with FASM. |
|||
10 Aug 2018, 17:14 |
|
Tomasz Grysztar 10 Aug 2018, 18:43
I have the direction established already, and it is one I'm quite satisfied with. There is so much to say and it is all about things that I really wanted to write about.
Also, the order of "PE, then ELF" turned out to be an excellent choice, it allows me to introduce features of fasmg quite slowly (my hope is to not intimidate with them if a reader happens to be interested more in the experimentation with binary formats than in fasmg). |
|||
10 Aug 2018, 18:43 |
|
ProMiNick 10 Aug 2018, 21:54
I impressed that "#" used so rarely and in most cases dot used for concatenation tokens.
Looks like tutorial about PE for 32bit address machines (no matter 32bit or 64bit they are, alpha was 64bit on PE32, and PE everywhere PE) is done, stayed PE version for machines with 64bit address. -------------------------------------------------------------------------------------- To catafest: would thou like to start such tutorial thourself? Any big project is constructor - part 1 project management: thou have to split it on related logical bloccks, some blocks could be portable, some not. And some of such blocks could be already created by other people (includes or external libraries). Than thou can build skelet of thour future program - working executable in thour target OS. part 2 process management - thou have to determine in what stage thour application could be - with every stage related some piece of data process operated on and data that stayed unchanged for current stage. part 3 data and memory management - thou have to determine what structures thou needed, how they will be related, how they will be stored (static, stack, heap, registers, or etc.) in stages that thou determine earlier. something like that... start thour big project and share ideas or experience on the fly. What thou want to create? If it will be interest people can join to thou. |
|||
10 Aug 2018, 21:54 |
|
Tomasz Grysztar 10 Aug 2018, 22:16
ProMiNick wrote: Looks like tutorial about PE for 32bit address machines (...) is done, stayed PE version for machines with 64bit address. |
|||
10 Aug 2018, 22:16 |
|
bzt 14 Nov 2018, 14:33
Hi,
ProMiNick wrote: stayed PE version for machines with 64bit address. To my best knowledge there's no such thing. I've written a bootloader for long mode kernels in PE format, and both x86_64 and AArch64 PE/COFF had 32 bit addresses which I had to sign-extend manually to 64 bit addresses (keeping the sign required for higher half only). It was just the code segment that had 64 bit instructions, that's all. I believe that's the reason why the format is called PE32+ and not PE64. Cheers, bzt |
|||
14 Nov 2018, 14:33 |
|
Tomasz Grysztar 14 Nov 2018, 16:09
bzt wrote:
PE+ as a format is able to handle 64-bit VAs fine. Only the RVAs are still limited to 32 bits. I have already written about this in the tutorial, too. |
|||
14 Nov 2018, 16:09 |
|
edfed 16 Nov 2018, 22:24
any file format is ok, i am sure there are common factors between them
|
|||
16 Nov 2018, 22:24 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.