flat assembler
Message board for the users of flat assembler.

Index > Compiler Internals > [bug?] Is align 8 in stub expected behavior?

Author
Thread Post new topic Reply to topic
vityacv



Joined: 27 Oct 2012
Posts: 7
vityacv 10 Sep 2023, 07:04
example stub:
Code:
00000000  90 90 90 90                                       |....|
    

when we use it as dos stub:
Code:
format pe64 on 'stub.bin' 
entry Main 

Main:
ret 
    

it generates:
Code:
00000000  4d 5a 48 00 01 00 00 00  04 00 ff 0f ff ff f0 ff  |MZH.............|
00000010  fe ff 00 00 00 01 f0 ff  40 00 00 00 00 00 00 00  |........@.......|
00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 48 00 00 00  |............H...|
00000040  90 90 90 90 00 00 00 00  50 45 00 00 64 86 01 00  |........PE..d...|
00000050  04 6a fd 64 00 00 00 00  00 00 00 00 f0 00 2f 00  |.j.d........../.|
    

on 00000040 there is additional 0's in dos stub added, is this correct?
Post 10 Sep 2023, 07:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20486
Location: In your JS exploiting you and your system
revolution 10 Sep 2023, 08:02
Looking at lines 797 & 798 in formats.inc we see this:
Code:
        add     ecx,40h+111b
        and     ecx,not 111b    
So the answer to the question in the title is: Yes. Expected.
Post 10 Sep 2023, 08:02
View user's profile Send private message Visit poster's website Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 8363
Location: Kraków, Poland
Tomasz Grysztar 10 Sep 2023, 09:36
It is as stated by PE specification:
Microsoft wrote:
PE Header (aligned on 8-byte boundary)

By the way, if this section of modern specification looks a bit confusing, it is because it is a mis-formatted figure that looked this way in the original PE.TXT file (which was the reference I used when writing fasm):
Code:
1. Overview

    +------------------+  <--+ <----- Base of Image Header
    ¦ DOS 2 Compatible ¦     ¦
    ¦    EXE Header    ¦     ¦
    +------------------¦     ¦
    ¦      unused      ¦     ¦
    +------------------¦     ¦
    ¦  OEM Identifier  ¦     ¦
    ¦  OEM Info        ¦     ¦
    ¦                  ¦     ¦   DOS 2.0 Section
    ¦    Offset to     ¦     ¦   (for DOS compatibility only)
    ¦    PE Header     ¦     ¦
    +------------------¦     ¦
    ¦   DOS 2.0 Stub   ¦     ¦
    ¦   Program &      ¦     ¦
    ¦   Reloc. Table   ¦     ¦
    +------------------¦  <--+
    ¦      unused      ¦
    +------------------¦  <--------- Aligned on 8 byte boundary
    ¦    PE Header     ¦
    +------------------¦
    ¦   Object Table   ¦
    +------------------¦
    ¦   Image Pages    ¦
    ¦     import info  ¦
    ¦     export info  ¦
    ¦     fixup info   ¦
    ¦     resource info¦
    ¦     debug info   ¦
    +------------------+

Figure 1. A typical 32-bit Portable EXE File Layout    

PS. See also my PE tutorial for a detailed discussion of how a correct PE file should be arranged.
Post 10 Sep 2023, 09:36
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.