flat assembler
Message board for the users of flat assembler.
Linux > linux command line revisited
revolution 06 May 2021, 19:34
You can leave the argv parameters on the stack, they will be safe there, so no need to move them elsewhere.
They are always terminated by NULL (0x00), nothing else. The argv list is a table of pointers, so they aren't the strings themselves.
[esp+0] = argc
[esp+4] = pointer to first string (arg = 0)
[esp+8] = pointer to next string (arg = 1)
;...
[esp+argc*4] = pointer to last string (arg = argc-1)
[esp+argc*4+4] = null pointer
[esp+argc*4+8] = some other tables are also stored here
MajorDill 08 May 2021, 02:30
I got it, thx
Melissa 08 May 2021, 16:43
On 64-bit, if you write main: (rdi -> argc, rsi -> argv pointer).
Without main it is the same, on RSP.
revolution 08 May 2021, 18:19
For anyone familiar with Windows:
It might be surprising to learn that filenames in Linux can have any byte values except null and slash. So that includes CR, LF, space, 0xff, etc. And there is no default encoding, just raw byte values. If the code tries to do text processing on the filename then it needs to be aware of this fact to avoid weird results. You can't simply assume ASCII printable characters only. Displaying error messages to the user that blindly copy the filename to the output can create unusual effects. Some real fun can be had by putting VT100 console escape sequences in the name.
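The point in the post above about copying raw filename bytes into error messages, as an added example that is not part of the original thread: a C routine that renders every byte outside printable ASCII as \xNN before the name reaches the terminal. The function name escape_filename and the sample filename are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Write `name` into `out` with every byte outside printable ASCII (and the
 * backslash itself) rendered as \xNN, so ESC, CR, LF, 0xff etc. never reach
 * the terminal. Returns the length written, or -1 if `out` is too small
 * (in which case `out` is left as an empty string). */
int escape_filename(const char *name, char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;

    if (outsz == 0)
        return -1;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++) {
        int printable = (*p >= 0x20 && *p <= 0x7e && *p != '\\');
        size_t need = printable ? 1 : 4;
        if (o + need >= outsz) {        /* keep room for the terminator */
            out[0] = '\0';
            return -1;
        }
        if (printable) {
            out[o++] = (char)*p;
        } else {
            out[o++] = '\\';
            out[o++] = 'x';
            out[o++] = hex[*p >> 4];
            out[o++] = hex[*p & 0x0f];
        }
    }
    out[o] = '\0';
    return (int)o;
}

int main(int argc, char **argv)
{
    /* Constructed sample: ESC [ 2 J (clear screen), LF and 0xff in a name. */
    const char *sample = "report\x1b[2J\nfinal\xff.txt";
    char buf[256];

    /* argv[1..argc-1] are raw bytes as well; argv[argc] is the NULL pointer. */
    for (int i = 1; i < argc; i++)
        if (escape_filename(argv[i], buf, sizeof buf) >= 0)
            fprintf(stderr, "cannot open '%s'\n", buf);
    if (escape_filename(sample, buf, sizeof buf) >= 0)
        fprintf(stderr, "cannot open '%s'\n", buf);
    return 0;
}
```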
Furs 09 May 2021, 12:30
revolution wrote: For anyone familiar with Windows:
That's mainly the reason most GNU core tools have a -z option to delimit filenames in the output by NUL chars '\0' instead of newline. IMO it was a mistake to allow newlines in filenames. Nobody really uses them except for malware.
revolution 09 May 2021, 21:23
With Windows when using the raw kernel functions to access an NTFS volume, it is possible to make a filename with null characters (0x0000).
Then, from a normal user program, it becomes impossible to open, delete, rename, move, etc, the file. This is the same for registry key names. Windows makes this possible because it stores the length of the name, and doesn't search for a terminator character. And since the APIs receive and return a null terminated string from/to the user code, then there is no way to work with the null. Some programs have used this to detect if the user is trying to extend a free trial by deleting and reinstalling the files and registry keys. But that will fail to remove the "secret" null named file/key without using some deep level utility.
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.