flat assembler
Message board for the users of flat assembler.

Index > Windows > Integer overflow - range checking

Author
Thread Post new topic Reply to topic
FlierMate



Joined: 21 Jan 2021
Posts: 213
Location: Malaysia
FlierMate
Hi folks, I am planning to write a parser which support variables, iteration construct and conditional statement along with basic I/O commands, and this so-called compiler will generate a PE with relevant code + data section (while import table is fixed) programmatically.

Since I introduce variable with string and integer data types in my own programming language, I have an issue with range checking on cases such as integer overflow or division by zero.

For example, the program with following code would just exit silently.(EDIT: mistake here, the program won't quit unexpectedly. I was using the wrong format specifier for wsprintf. But still, it is best if can perform range checking beforehand)

Code:
start:
 
       or eax,0ffffffffh
       mov ebx,2
       add eax,ebx
       push eax
       ; push newmessage
       push fmt
       push buffer
       call [wsprintf]           


How to perform range checking before adding the two numbers (0ffffffffh and 2) so that I can display a text string saying ,e.g. Runtime error XXX, integer overflow.

And I see PE format spec has listed Debug in optional header, how do I make use of that?
Post 03 Apr 2021, 12:52
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 3387
Location: vpcmipstrm
bitRAKE
The conditional instructions operating on CF are unsigned. Whereas those that rely on SF & OF are signed branches. The ZF ones are both. I suggest writing a little test - especially for the bounds of your number format.
Post 03 Apr 2021, 13:49
View user's profile Send private message Visit poster's website Reply with quote
FlierMate



Joined: 21 Jan 2021
Posts: 213
Location: Malaysia
FlierMate
bitRAKE wrote:
The conditional instructions operating on CF are unsigned. Whereas those that rely on SF & OF are signed branches. The ZF ones are both. I suggest writing a little test - especially for the bounds of your number format.


Thanks for the suggestion. Maybe I should add the numbers first then determine using flags like you said.[/i]
Post 03 Apr 2021, 14:47
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 18471
Location: In your JS exploiting you and your system
revolution
Code:
add eax, ebx
jc unsigned_overflow
jo signed_overflow    
Post 03 Apr 2021, 15:04
View user's profile Send private message Visit poster's website Reply with quote
FlierMate



Joined: 21 Jan 2021
Posts: 213
Location: Malaysia
FlierMate
revolution wrote:
Code:
add eax, ebx
jc unsigned_overflow
jo signed_overflow    


Thank you. At first I thought can detect overflow before adding the numbers.... so your code and @bitRAKE explanation have clarified it in simple solution.
Post 03 Apr 2021, 15:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 18471
Location: In your JS exploiting you and your system
revolution
You can also use the carry flag to extend the addition to more precision.
Code:
add eax, ebx ; first 32-bits
adc ecx, edx ; next 32-bits    
Post 03 Apr 2021, 15:12
View user's profile Send private message Visit poster's website Reply with quote
FlierMate



Joined: 21 Jan 2021
Posts: 213
Location: Malaysia
FlierMate
revolution wrote:
You can also use the carry flag to extend the addition to more precision.
Code:
add eax, ebx ; first 32-bits
adc ecx, edx ; next 32-bits    


Thumb up for this!

BTW, as for the variables in higher programming language, can I define each of these variables as follows?
Code:
section '.code' code readable writable executable
        var0001  rb 256 ; string
        var0002  rb 32  ;32-bit integer
....
....

       


I see the var0001 and var0002 has occupied 288 bytes at the beginning of the code section with null bytes.

About the size of code section, can I adjust it to fit 512 bytes or multiple of 512 bytes (because the code section would be larger than usual if I store multiple variables in it) while the rest of the sections (data section & import table) remain at 512 bytes minimum? It would save me some hassle if you or anyone know this.
Post 03 Apr 2021, 15:25
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 18471
Location: In your JS exploiting you and your system
revolution
32-bit integers are only 4 bytes, or one dword.
Code:
        var0002  dd ?  ;32-bit integer    
If you use the PE format for Windows then the sections are always aligned to 512 in the .exe file. Each section can be any size as long as it fits into memory.
Post 03 Apr 2021, 16:08
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.