flat assembler
Message board for the users of flat assembler.

Implementing a FORTH system
chriscurl
Joined: 20 May 2020
Posts: 4
I have a project to develop a FORTH system that runs under Windows. I want it to be "subroutine-threaded", and I want to be able to generate new subroutines at run time.

To that end, I understand I'll need to use VirtualProtect() to allow my DATA section to be executable, or to allow my CODE section to be readable/writable.

Is there a certain memory model I need to use so that my CS and DS are the same value? Using this, DS != CS:

section '.data' data readable writeable executable
...
section '.text' code readable writeable executable


Would it be better to set my CS section to writable and generate my code there, or to make my DS section executable? Or would that be personal preference?

Any other things I should be aware of? If it matters, I'll be doing this on a Windows 10 machine.
Post 20 May 2020, 19:53
chriscurl
Joined: 20 May 2020
Posts: 4
Here is my little program to tell me if CS == DS ...
Code:
; Test to see if CS and DS are equal

include 'win32ax.inc' ; you can simply switch between win32ax, win32wx, win64ax and win64wx here

section '.text' code readable writeable executable

  start:
        mov eax, cs
        mov edx, ds
        cmp eax, edx
        je yyy

        invoke  MessageBox,HWND_DESKTOP,"No, CS != DS","Comparison",MB_OK
        jmp zzz

yyy:    invoke  MessageBox,HWND_DESKTOP,"Yes, CS == DS","Comparison",MB_OK

zzz:    invoke  ExitProcess,0

.end start
    
Post 20 May 2020, 21:10
DimonSoft
Joined: 03 Mar 2010
Posts: 706
Location: Belarus
One shouldn’t really bother about what values are in segment registers while writing Windows applications (well, until it comes to using some more advanced stuff like SEH, and even then only the value meaning is of some importance). And segments are of little to no importance in implementing read-only/read-write/execute access to memory ranges.
Post 20 May 2020, 22:32
chriscurl
Joined: 20 May 2020
Posts: 4
So this looks like it will work! And yeah, I guess it doesn't matter if CS != DS. :D

Code:

; Test to see if I can "generate" code

include 'win32ax.inc' ; you can simply switch between win32ax, win32wx, win64ax and win64wx here

section '.text' code readable writeable executable

xxsub1:
        dd 0
        db 0
        invoke  MessageBox,HWND_DESKTOP,"First subroutine", "Sub1",MB_OK
        ret

xxsub2:
        dd xxsub1
        db 0
        invoke  MessageBox,HWND_DESKTOP,"Second subroutine", "Sub2",MB_OK
        ret

xxsub3:
        dd xxsub2
        db 0
        invoke  MessageBox,HWND_DESKTOP,"Third subroutine", "Sub3",MB_OK
        ret

start:
        ; change the first instruction in sub2 to ret
        mov ecx, xxsub3
        mov ecx, [ecx]
        add ecx, 5
        mov al, 0xC3
        mov [ecx], al

        ; This should call sub1
        mov ecx, xxsub3
        mov ecx, [ecx]
        mov ecx, [ecx]
        add ecx, 5
        call ecx

        ; this should call sub2, which should just return now
        mov ecx, xxsub3
        mov ecx, [ecx]
        add ecx, 5
        call ecx

        ; "generate" code ... copy sub3 to sub4
        mov esi, xxsub3
        add esi, 5
        mov edi, xxsub4
        add edi, 5
        mov ecx, 250
        cld
        rep movsb

        ; call the newly "generated" code, sub4
        mov ecx, xxsub4
        add ecx, 5
        call ecx

        ; compare CS and DS
        mov eax, cs
        mov edx, ds
        cmp eax, edx

        je yyy
        invoke  MessageBox,HWND_DESKTOP,"No, CS != DS","Comparison",MB_OK
        jmp zz

yyy:    invoke  MessageBox,HWND_DESKTOP,"Yes, CS == DS","Comparison",MB_OK

zz:     invoke  ExitProcess,0

xxsub4:
        dd xxsub3
        db 0
        db 256 dup (0)          ; reserve 256 bytes for the "generated" code

.end start


    
Post 20 May 2020, 23:17
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
Just a note that if you plan to publish this code for others to run, then some AVs get upset with writeable code sections and self-modifying code. It's the kind of trick that malware does to try and avoid detection.
Post 21 May 2020, 00:02
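
The writable code sections mentioned in the post above are visible in the PE section table before a program ever runs. The following is an added example, not code from the thread or from any AV product: it reads the section table and lists sections flagged both writable and executable. The header bytes are constructed samples mirroring the section directives posted earlier, using the standard PE `IMAGE_SCN_*` flag values; the function and sample names are made up for this illustration.

```python
import struct

# Section characteristic bits from the PE/COFF format (IMAGE_SCN_* in winnt.h).
CNT_CODE, CNT_INIT_DATA = 0x00000020, 0x00000040
MEM_EXECUTE, MEM_READ, MEM_WRITE = 0x20000000, 0x40000000, 0x80000000

def writable_executable_sections(image):
    """Return the names of sections flagged both writable and executable."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)      # e_lfanew
    if len(image) < pe_off + 24 or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: Machine, NumberOfSections, three dwords,
    # SizeOfOptionalHeader, Characteristics (20 bytes in total).
    _, count, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, pe_off + 4)
    table = pe_off + 24 + opt_size                         # section table start
    if table + 40 * count > len(image):
        raise ValueError("truncated section table")
    flagged = []
    for entry in range(table, table + 40 * count, 40):     # 40 bytes per entry
        name = image[entry:entry + 8].rstrip(b"\0").decode("ascii", "replace")
        (flags,) = struct.unpack_from("<I", image, entry + 36)
        if flags & MEM_WRITE and flags & MEM_EXECUTE:
            flagged.append(name)
    return flagged

def build_headers(sections):
    """Constructed header-only image: enough for the parser, not a runnable EXE."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 0, 0x0102)
    table = b"".join(name.ljust(8, b"\0") + b"\0" * 28 + struct.pack("<I", flags)
                     for name, flags in sections)
    return dos + b"PE\0\0" + coff + table

# Constructed sample 1: the flags requested by the directives in the first post.
AS_POSTED = build_headers([
    (b".data", CNT_INIT_DATA | MEM_READ | MEM_WRITE | MEM_EXECUTE),
    (b".text", CNT_CODE | MEM_READ | MEM_WRITE | MEM_EXECUTE)])
# Constructed sample 2: a conventional split where code is never writable.
SPLIT = build_headers([
    (b".data", CNT_INIT_DATA | MEM_READ | MEM_WRITE),
    (b".text", CNT_CODE | MEM_READ | MEM_EXECUTE)])

if __name__ == "__main__":
    print("as posted:", writable_executable_sections(AS_POSTED))
    print("split    :", writable_executable_sections(SPLIT))
```
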
chriscurl
Joined: 20 May 2020
Posts: 4
Fair enough ... this is just a hobby project though, but it will be in GitHub for anyone who wants to fork and play with.
Post 21 May 2020, 00:28
Copyright © 1999-2020, Tomasz Grysztar.
