flat assembler
Message board for the users of flat assembler.

32bit readfile access invalid.
Joined: 21 Apr 2012
Posts: 1701
Roman 08 Mar 2024, 07:34
Fasmw 1.73
Windows 10. RAM 16 GB.
Minimal code.
I get _erro = 998 (0x03E6): Buffer access invalid, or Invalid access to memory location.
Code:
format PE GUI 4.0
entry Start
include 'c:\fasmw17316\include\Win32a.inc'

section '.code' code readable writeable executable
      align 16
      _erro dd 0
;load any file of size 36 080 008 bytes
      pukk  db "lvlq.bin",0
Start:
           mov eax,pukk
           mov  edx,gltfMapKeyNamesOfst ;zbuf2
           call LoadFile
           invoke  ExitProcess,0

rbait       dd 0
flen        dd 0,0
filename    dd 0
fhand       dd 0
proc    LoadFile
             mov     ebx,edx
             mov     [rbait],0
             mov     [filename],eax
             invoke CreateFile,eax,GENERIC_READ,3,0,OPEN_EXISTING,FILE_ATTRIBUTE_READONLY,0 ;NORMAL,0
             mov    [fhand],eax
             invoke GetFileSizeEx,[fhand],flen
             invoke ReadFile,[fhand],ebx,[flen],rbait,0
             invoke GetLastError
             mov    [_erro],eax
             invoke CloseHandle,[fhand]
             mov    eax,[rbait]
             test    eax,eax
             jnz     .OK
             mov     eax,[filename]
             invoke  MessageBox, 0, eax, .txt,MB_OK or MB_ICONERROR
.OK:      ret
            .txt db "File not found.",0
endp

SECTION '.idata' IMPORT DATA READABLE WRITEABLE

     library  kernel32, 'KERNEL32.DLL',\
              user32,   'USER32.DLL',\
              winmm,    'WINMM.DLL',\
              msvcrt,   'MSVCRT.DLL'

 include 'fasmAPI\kernel32.inc'
 include 'fasmAPI\user32.inc'
 include 'fasmAPI\winmm.inc'
 include 'fasmAPI\msvcrt.inc'

section '.bss' readable writeable
org 500000h ;if this line is removed, LoadFile works
gltf_names = 60000
;size from gltfMapKeyNamesOfst to gltflvlDataEnd is 36 080 008 bytes, the same as the file size
gltfMapKeyNamesOfst      rd 1
gltfMapKeyNames          rb 64*gltf_names
gltflvlData              rd 8000000
gltflvlDataCountrOfst    rd 1
gltflvlDataCountr        rd 1*gltf_names
gltflvlDataEnd:
        Status           rd      51200*1  ; error load
                         rd      51200*7  ; with this, load ok; without it, load error


org 500000h imitates big code in the code section.
It shows that if your code has some size, you might get a ReadFile error!


Joined: 26 Jan 2021
Posts: 913
Location: Russia
macomics 08 Mar 2024, 08:12
See who else is using your file. 998 - no access
Joined: 05 May 2008
Posts: 54
Location: Czech republic
Hrstka 08 Mar 2024, 08:17
Your buffer is too small. You have space for 64 * 60000 + 8 000 000 * 4 = 35 840 000 bytes, but your file has 36 080 008 bytes.
Roman 08 Mar 2024, 08:18
No one else.
The minimal example shows only my program loading this file one time.

Hrstka,
read again.
My buffer size is 36 080 008 bytes,
plus 200 000 bytes for Status.
But ReadFile gets an error if org 500000h is there.
Without org 500000h, ReadFile loads the file fine.
Joined: 16 Jun 2003
Posts: 8344
Location: Kraków, Poland
Tomasz Grysztar 08 Mar 2024, 08:22
Even if the buffer is enough, the ORG command there changes the addresses of labels, and so the pointer to the buffer does not really point where it's supposed to. This is not how ORG should be used.
Roman 08 Mar 2024, 08:24
And how do I fix this?

I tried a variant with VirtualAlloc; it works fine for ReadFile.
Roman 08 Mar 2024, 08:39
I found this:
https://masm32.com/board/index.php?topic=2130.0

ALIGNSIZE EQU 4096
ALIGNLOC EQU $ - DATASTART
rb ALIGNSIZE - (ALIGNLOC and (ALIGNSIZE-1))
Hrstka 08 Mar 2024, 08:55
Okay, then the buffer size is all right. With the org directive, Fasm will change the line
Code:
mov  edx,gltfMapKeyNamesOfst ;zbuf2
to
Code:
mov  edx, 500000h
so you are loading the data into a wrong place. In order to simulate big code section, it's much better to remove the org. Instead insert something like
Code:
times 500000h nop
into the code section.
Roman 08 Mar 2024, 09:16
Quote:
times 500000h nop

My exe file is 5 MB!

Buffer begin address 903000h

And this variant loads the file ok. No error.
Hrstka 08 Mar 2024, 09:29
Yes, this increases exe size. Exactly as it would be with real (useful) code.
macomics 08 Mar 2024, 09:39
I tried to create a file of the specified length and run your program. I don't have any errors.

Let's do the math: org 500000h + rd + rb 64 * 60000 + rd 8000000 + rd + rd 1 * 60000=500000h+4+3780000+32000000+4+240000=2759F28h

As you can see on the memory map, the bss section starts at 403000h and has a size of 023F9000h
403000h+023F9000h=27FC000h

2759F28h < 27FC000h => There is enough memory to fit

Well, the result of the program is also visible in 1 screen. The file was fully loaded into memory without errors.
Roman 08 Mar 2024, 09:43
File size 36 080 008.

Try to repeat with 36 080 008.
macomics 08 Mar 2024, 09:48
Roman wrote:
file size 36 080 008

repeat 36 080 008
Is it written on line 8?

Roman wrote:
Try to repeat with 36 080 008
What for? Just do the math. Then the size of the section will not be enough.

403000h+023F9000h=27FC000h < 280F880h

Quote:
gltfMapKeyNamesOfst rd 1
gltfMapKeyNames rb 64*gltf_names
gltflvlData rd 8000000
gltflvlDataCountrOfst rd 1
gltflvlDataCountr rd 1*gltf_names
gltflvlDataEnd:

gltflvlDataEnd - gltfMapKeyNamesOfst = 36 080 008
Roman 08 Mar 2024, 10:01
Code:
gltf_names = 60000
gltfMapKeyNamesOfst      rd 1
gltfMapKeyNames          rb 64*gltf_names
gltflvlData              rd 8000000
gltflvlDataCountrOfst    rd 1
gltflvlDataCountr        rd 1*gltf_names
gltflvlDataEnd:

In fasm:
mov eax,gltflvlDataEnd-gltfMapKeyNamesOfst

IDA Pro shows:
mov eax, 2268988h = 36 080 008

macomics
Your variant works (and for me too), because you do:
Code:
Status           rd      51200*1  ; error load
                 rd      51200*7  ; with this, load ok; without it, load error

Try doing:
Code:
Status           rd      51200*1  ; error load
macomics 08 Mar 2024, 10:25
In general, your problem is the address discrepancy: the section starts at 403000h, and you calculate the addresses for the 500000h buffer

The declared amount of data in the section is placed completely. But the base address of the buffer is incorrect because of the org directive. Don't use it, as Tomasz already said.
Roman 08 Mar 2024, 10:25
Quote:
The declared amount of data in the section is placed completely. But the base address of the buffer is incorrect because of the org directive. Don't use it, as Tomasz already said.

Ok. How do I set the start address (from 500000h) for the .bss section data,
and get the correct result?

Tomasz Grysztar, will org be fixed? Or will a new command 'BeginFromAddr' be added?
macomics 08 Mar 2024, 10:28
Roman wrote:
How do I set the start address (from 500000h) for the .bss section data?
The address cannot be set for a separate section. This is not provided by the PE format. But you can move the section so that its address starts where you need it within the image. To do this, add the data in the previous section until the starting address of the next section gets the desired value.
Roman wrote:
Tomasz Grysztar, will org be fixed?
It worked correctly. It is you who are using it incorrectly. The logical addresses for the assembler have changed. No additional data appeared in the section. As it should be.
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20118
Location: In your JS exploiting you and your system
revolution 08 Mar 2024, 16:43
Roman wrote:
Tomasz Grysztar, will org be fixed? Or will a new command 'BeginFromAddr' be added?
Tomasz can't help you here, even if Tomasz wanted to make changes to do what you wanted, it isn't possible. The PE format doesn't support setting arbitrary address for each section.

To "fix" it you must manually create a memory region at the address you wanted. So you can call VirtualAlloc to make the necessary memory addresses available to you.

However, I suggest that you don't do any of that, because it is both unnecessary and not guaranteed to work the way you expect. Instead just use the normal PE sections the way they were designed, and let the loader do its job, then you will not have such problems.

TL;DR: Don't use org
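The advice in this thread comes down to two things: let the PE loader place the .bss buffer (no org, so the label value is the address that actually gets mapped), and make sure the read can never run past the buffer, which is the risk Hrstka raised first. The listing below is an added example, not code from the thread or from the fasm project. It rewrites Roman's LoadFile so that the file size is compared against the buffer capacity before ReadFile is called, and so that CreateFile, GetFileSizeEx and ReadFile are each checked and GetLastError is read before CloseHandle can overwrite it. It assumes the standard fasmw include layout (win32a.inc plus api\kernel32.inc and api\user32.inc, which supply the INVALID_HANDLE_VALUE, FILE_SHARE_READ and other equates); BUFFER_SIZE, buffer, dst, capacity and the message strings are names chosen for this example.

```asm
; Added example (not from the thread or the fasm project): LoadFile with a
; capacity check and full result checking. Assumes fasmw's win32a.inc and
; api\*.inc; BUFFER_SIZE, buffer and the message strings are example names.
format PE GUI 4.0
entry Start
include 'win32a.inc'

BUFFER_SIZE = 36080008          ; capacity matching the file size from the thread

section '.code' code readable executable
Start:
        mov     eax, filename
        mov     edx, buffer         ; no org: this label is what the loader maps
        mov     ecx, BUFFER_SIZE
        call    LoadFile
        invoke  ExitProcess, 0

; In:  eax = zero-terminated file name, edx = destination, ecx = capacity in bytes
; Out: eax = bytes read, or 0 on failure with [last_error] holding GetLastError
proc LoadFile
        mov     [dst], edx
        mov     [capacity], ecx
        mov     [bytes_read], 0
        mov     [last_error], 0
        invoke  CreateFile, eax, GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0
        cmp     eax, INVALID_HANDLE_VALUE
        je      .fail
        mov     [fhand], eax
        invoke  GetFileSizeEx, [fhand], file_size
        test    eax, eax
        jz      .fail_close
        cmp     dword [file_size+4], 0      ; a file over 4 GiB can never fit a 32-bit buffer
        jne     .too_big
        mov     eax, dword [file_size]
        cmp     eax, [capacity]
        ja      .too_big                    ; refuse the load instead of overrunning the buffer
        invoke  ReadFile, [fhand], [dst], eax, bytes_read, 0
        test    eax, eax                    ; ReadFile returns FALSE on failure
        jz      .fail_close
        invoke  CloseHandle, [fhand]
        mov     eax, [bytes_read]
        ret
.too_big:
        invoke  CloseHandle, [fhand]
        invoke  MessageBox, 0, msg_too_big, 0, MB_OK or MB_ICONERROR
        xor     eax, eax
        ret
.fail_close:
        invoke  GetLastError                ; read it before CloseHandle can clobber it
        mov     [last_error], eax
        invoke  CloseHandle, [fhand]
        jmp     .report
.fail:
        invoke  GetLastError
        mov     [last_error], eax
.report:
        invoke  MessageBox, 0, msg_failed, 0, MB_OK or MB_ICONERROR
        xor     eax, eax
        ret
endp

section '.data' data readable writeable
filename    db 'lvlq.bin', 0
msg_too_big db 'File is larger than the buffer; not loaded.', 0
msg_failed  db 'File not found or read failed.', 0
dst         dd 0
capacity    dd 0
fhand       dd 0
bytes_read  dd 0
last_error  dd 0
file_size   dq 0                    ; LARGE_INTEGER written by GetFileSizeEx

section '.bss' readable writeable
buffer      rb BUFFER_SIZE          ; reserved by the loader, adds nothing to the .exe

section '.idata' import data readable writeable
library kernel32, 'KERNEL32.DLL',\
        user32,   'USER32.DLL'
include 'api\kernel32.inc'
include 'api\user32.inc'
```

To reproduce the "big code" situation Roman was imitating, a `times 500000h nop` can go into the .code section as Hrstka suggested; the buffer label still resolves to wherever the loader actually maps .bss, so ReadFile is handed a valid destination. The size comparison before ReadFile is what turns a buffer that is too small into a refused load with a message rather than a write past the end of the section.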
Joined: 21 Jul 2003
Posts: 3944
Location: vpcmipstrm
bitRAKE 08 Mar 2024, 18:40
With multiple fixed base address PE's it's possible to create a complex layout in memory. For example, if you create a DLL and set the base address.

Although there is no practical reason?

I've done it for fun because I wanted the addresses to also be valid code, lol.

If you want a buffer without ballooning the size of the executable, why not reserve the space at the end of the section? ... or create another .bss section? ... what is the actual goal?

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup
Joined: 04 Mar 2016
Posts: 2438
Furs 08 Mar 2024, 21:48
revolution wrote:
Tomasz can't help you here, even if Tomasz wanted to make changes to do what you wanted, it isn't possible. The PE format doesn't support setting arbitrary address for each section.
I'm obviously missing the context, because I'm pretty sure they have a start address...?
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.