flat assembler
Message board for the users of flat assembler.

DOS MZ Exe header is not correct

LowLevelMahn 17 Aug 2018, 15:03
Code:
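format MZ                 ; build a DOS MZ executable

entry main:start          ; initial CS:IP taken from this far address
stack 100h                ; automatically created stack of 100h bytes

segment main
  start:
  ret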
    


producing an exe with this content

Code:
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00000000  4D 5A 21 00 01 00 00 00 02 00 10 00 FF FF 01 00  MZ!.........ÿÿ..
00000010  00 01 00 00 00 00 00 00 1C 00 00 00 00 00 00 00  ................
00000020  C3                                               Ã
    


exe header (size = 0x1C)
4D 5A 21 00 01 00 00 00 02 00 10 00 FF FF 01 00 00 01 00 00 00 00 00 00 1C 00 00 00

signature: MZ
bytes_in_last_block: 0x0021
blocks_in_file: 0x0001
num_relocs: 0x0000
header_paragraphs: 0x0002
min_extra_paragraphs: 0x0010
max_extra_paragraphs: 0xFFFF
ss:sp: 0x0001:0x0100 (offset32: 0x00000110)
checksum: 0x0000
cs:ip: 0x0000:0x0000 (offset32: 0x00000000)
reloc_table_offset: 0x001C
overlay_number: 0x0000

there are no relocations (num_relocs: 0x0000) in the relocation table but there are four 0 bytes before the ret opcode
00 00 00 00

ret instruction
C3

btw: it's not possible to have a zero-size stack exe (more an academic problem but still possible with other assemblers)

i think: due to this IDA Pro is telling me that the exe is maybe packed



LowLevelMahn 17 Aug 2018, 18:22
maybe i got it:

image_start = header_paragraphs * 16

so the 4 extra bytes are just padding



Tomasz Grysztar 17 Aug 2018, 19:58
Yes, this is padding to the nearest paragraph boundary.

If you need more control over the contents of the headers, please try fasmg with its MZ formatting macros. In the basic form they are fully compatible with fasm 1, but because they are simply macros, you can easily alter anything.



LowLevelMahn 18 Aug 2018, 05:18
thanks

other question: is there a real need that i can't have an exe with zero size stack?



Tomasz Grysztar 18 Aug 2018, 05:28
LowLevelMahn wrote:
other question: is there a real need that i can't have an exe with zero size stack?
Obviously corrupting your code/data upon a first interrupt that happens is not a good idea. ;)
You can, however, set up the stack completely manually with the other syntax:
Code:
stack segment:offset
This syntax allows you to choose the initial values of SS and SP directly.



LowLevelMahn 25 Sep 2019, 10:23
unearthing this thread

Quote:

Quote:

there are no relocations (num_relocs: 0x0000) in the relocation table but there are four 0 bytes before the ret opcode
00 00 00 00

Yes, this is padding to the nearest paragraph boundary.


i've found that some linkers do not always fill with 4 bytes

example for a small dos exe with bytes between header and relocation table
Code:
optlink.exe: 00 00
link.exe: 01 00
wlink.exe: 00 00 00 00
fasm.exe: 00 00 00 00
ulink.exe:
00000000  55 6E 69 4C 69 6E 6B 00 00 00 00 00 00 00 00 00  UniLink.........
00000010  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000020  00 00 00 00                                      ....
    


does that mean the padding is not necessary or do the linkers not produce standard-conformant executables?



Tomasz Grysztar 25 Sep 2019, 10:40
The way fasm's syntax works, you define segment where your code/data resides (and then you use the address of that segment, like "main" in the example in this thread) - and that code/data starts at the beginning of that segment. You can, for example, rely that "start:" after "segment main" is going to have an address 0 within that segment.

But with a bit different semantics it could also be possible to set things up differently. You can even use negative segment numbers - like, for example, fasm does when converting .COM program to PE stub (the segment -10h points to PSP, which is 100h bytes before the contents of loaded program - this simulates the segments settings for .COM file).

This is why I mentioned fasmg's MZ implementation, as something you can easily tweak to allow a different syntax and/or semantics, fitting to your needs.



guignol 25 Sep 2019, 10:41
unearthing means bringing up to the surface (obviously from soil)



LowLevelMahn 25 Sep 2019, 10:45
i don't want to tweak - i just want to understand if the padding between the header and the relocation table is needed, you said 4 byte for paragraph padding - but the microsoft linker 5.6x (latest 16bit able) added only 2 bytes, also optlink



Tomasz Grysztar 25 Sep 2019, 10:51
LowLevelMahn wrote:
i don't want to tweak - i just want to understand if the padding between the header and the relocation table is needed, you said 4 byte for paragraph padding - but the microsoft linker 5.6x (latest 16bit able) added only 2 bytes, also optlink
To recapitulate in short: it is not really needed, but fasm's semantics are such that fasm's MZ formatter has to put it there.

PS. I also recommend taking a look at another thread on the topic.
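The header layout discussed in this thread (image_start = header_paragraphs * 16, and the bytes some linkers leave between the fixed 0x1C header and the relocation table), as an added example that is not part of any post and not fasm's own code: a Python parser run over the hex dump from the first post. The `VARIANT` bytes, the function name and the result keys are constructed for illustration.

```python
import struct

FIXED_HEADER = 0x1C  # fixed part of the MZ header, as in the thread

# Constructed sample: the 0x21-byte fasm output from the first post's hex dump.
SAMPLE = bytes.fromhex(
    "4D 5A 21 00 01 00 00 00 02 00 10 00 FF FF 01 00"
    "00 01 00 00 00 00 00 00 1C 00 00 00 00 00 00 00"
    "C3"
)
# Constructed variant (assumption): relocation table offset 0x1E with the two
# bytes "01 00" at 0x1C, modelled on the link.exe bytes quoted in the thread.
VARIANT = SAMPLE[:0x18] + bytes.fromhex("1E 00 00 00 01 00 00 00") + SAMPLE[0x20:]


def analyze_mz(data):
    """Parse the MZ header and report layout gaps and consistency problems."""
    if len(data) < FIXED_HEADER or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (last, blocks, nrel, hdr_par, _min, _max, ss, sp,
     _csum, ip, cs, rel_off, _ovl) = struct.unpack_from("<13H", data, 2)
    image_start = hdr_par * 16                  # load image begins here
    reloc_end = rel_off + 4 * nrel              # each relocation is 4 bytes
    declared = blocks * 512 if last == 0 else (blocks - 1) * 512 + last
    entry = image_start + cs * 16 + ip          # file offset of CS:IP
    problems = []
    if nrel and (rel_off < FIXED_HEADER or reloc_end > image_start):
        problems.append("relocation table outside header area")
    if declared > len(data):
        problems.append("file shorter than header declares")
    if not image_start <= entry < min(declared, len(data)):
        problems.append("entry point outside loaded image")
    return {
        "image_start": image_start,
        "declared_size": declared,
        "gap_before_relocs": rel_off - FIXED_HEADER,
        "padding_after_relocs": image_start - reloc_end,
        "entry_offset": entry,
        "stack_top": ss * 16 + sp,              # relative to the load segment
        "trailing_bytes": max(0, len(data) - declared),
        "problems": problems,
    }


if __name__ == "__main__":
    for name, blob in (("fasm sample", SAMPLE), ("variant", VARIANT)):
        print(name, analyze_mz(blob))
```

A non-empty `problems` list or a non-zero `trailing_bytes` value is the kind of header/file mismatch worth checking by hand when a disassembler reports a file as possibly packed.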



LowLevelMahn 25 Sep 2019, 11:42
thanks for the help
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
