flat assembler
Message board for the users of flat assembler.

Index > Windows > What's the actual difference between COFF and MS COFF?

Ben321 30 Jul 2024, 05:07
I've heard there's some differences between the original version of the COFF format and the Microsoft version, but I haven't found any real explanation of what those differences are.
revolution 30 Jul 2024, 06:56
According to fasm just two bytes.
Code:
~ diff <(echo format coff > x ; fasm x ; hd x.obj) <(echo format ms coff > y ; fasm y ; hd y.obj)
4c4
< 00000010  00 00 04 01 2e 66 6c 61  74 00 00 00 00 00 00 00  |.....flat.......|
---
> 00000010  00 00 84 01 2e 66 6c 61  74 00 00 00 00 00 00 00  |.....flat.......|
6c6
< 00000030  00 00 00 00 00 00 00 00  60 00 00 00 2e 66 6c 61  |........`....fla|
---
> 00000030  00 00 00 00 00 00 00 00  60 00 00 e0 2e 66 6c 61  |........`....fla|
~    
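The two differing bytes in the dump above sit in known places of a COFF object: offset 0x12 is the file header's Characteristics word and offset 0x38 is the Characteristics dword of the first section header. The decoder below is an added example (not fasm's code and not from this thread); it assumes the standard COFF object layout (20-byte file header followed by 40-byte section headers) and works only on the two 16-byte lines quoted in the post, since the rest of the files is not shown.

```python
"""Decode the two fields in which the 'format coff' and 'format ms coff' dumps
differ. Added example, not fasm's own code; field offsets come from the
standard COFF object layout (20-byte file header, 40-byte section headers)."""
import struct

# The two differing 16-byte lines, copied from the hd output in the post.
# Nothing else of the files is shown on the page, so the dump is kept sparse.
PLAIN_COFF = {
    0x10: bytes.fromhex("00 00 04 01 2e 66 6c 61 74 00 00 00 00 00 00 00"),
    0x30: bytes.fromhex("00 00 00 00 00 00 00 00 60 00 00 00 2e 66 6c 61"),
}
MS_COFF = {
    0x10: bytes.fromhex("00 00 84 01 2e 66 6c 61 74 00 00 00 00 00 00 00"),
    0x30: bytes.fromhex("00 00 00 00 00 00 00 00 60 00 00 e0 2e 66 6c 61"),
}

# Standard COFF offsets: file-header Characteristics at 0x12, first section
# header at 0x14 (Name at 0x14, Characteristics at 0x14 + 36 = 0x38).
FILE_CHARACTERISTICS_OFF = 0x12
SECTION_NAME_OFF = 0x14
SECTION_CHARACTERISTICS_OFF = 0x38

FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0080: "IMAGE_FILE_BYTES_REVERSED_LO",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x2000: "IMAGE_FILE_DLL",
    0x8000: "IMAGE_FILE_BYTES_REVERSED_HI",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x00001000: "IMAGE_SCN_LNK_COMDAT",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x10000000: "IMAGE_SCN_MEM_SHARED",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def read_at(dump, offset, size):
    """Return `size` bytes at `offset` from a sparse {base: bytes} dump."""
    for base, chunk in dump.items():
        if base <= offset and offset + size <= base + len(chunk):
            start = offset - base
            return chunk[start:start + size]
    raise KeyError(f"offset {offset:#x} is not covered by the dump")


def flag_names(value, table):
    """Expand a bit field into names; bits outside the table are reported raw."""
    names = [name for bit, name in table.items() if value & bit]
    unknown = value & ~sum(table)
    if unknown:
        names.append(f"UNKNOWN({unknown:#x})")
    return names


def decode(dump):
    """Decode file Characteristics plus the first section's name and Characteristics."""
    (file_chars,) = struct.unpack("<H", read_at(dump, FILE_CHARACTERISTICS_OFF, 2))
    name = read_at(dump, SECTION_NAME_OFF, 8).rstrip(b"\0").decode("ascii")
    (sect_chars,) = struct.unpack("<I", read_at(dump, SECTION_CHARACTERISTICS_OFF, 4))
    return {
        "file_characteristics": file_chars,
        "file_flags": flag_names(file_chars, FILE_FLAGS),
        "section_name": name,
        "section_characteristics": sect_chars,
        "section_flags": flag_names(sect_chars, SECTION_FLAGS),
    }


def added_flags(plain, ms):
    """Flags present in the MS COFF output but absent from the plain COFF output."""
    a, b = decode(plain), decode(ms)
    return {
        "file": [f for f in b["file_flags"] if f not in a["file_flags"]],
        "section": [f for f in b["section_flags"] if f not in a["section_flags"]],
    }


if __name__ == "__main__":
    for label, dump in (("format coff", PLAIN_COFF), ("format ms coff", MS_COFF)):
        print(label, decode(dump))
    print("added by ms coff:", added_flags(PLAIN_COFF, MS_COFF))
```

Run stand-alone it shows what the two bytes mean: the `ms coff` header additionally sets IMAGE_FILE_BYTES_REVERSED_LO (a flag the PE/COFF specification now marks deprecated), and the `.flat` section additionally carries IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ and IMAGE_SCN_MEM_WRITE on top of the CNT_CODE | CNT_INITIALIZED_DATA that both variants share. Tools that take the section's memory protection from those MEM_* bits therefore see an object produced with plain `format coff` as carrying no protection information at all, which is worth keeping in mind when such objects are fed to a Microsoft-style linker.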
Tomasz Grysztar 30 Jul 2024, 08:26
The most important one is that REL32 relocations are computed differently, compare the implementations in fasmg's coff.inc and coffms.inc.

Also, because Microsoft's variant has been developed further (and into 64-bit world), it has substantially more extensions, additional flags, etc. The basic variant follows the old DJGPP specification.
Ben321 02 Aug 2024, 20:56
Tomasz Grysztar wrote:
The most important one is that REL32 relocations are computed differently, compare the implementations in fasmg's coff.inc and coffms.inc.

Also, because Microsoft's variant has been developed further (and into 64-bit world), it has substantially more extensions, additional flags, etc. The basic variant follows the old DJGPP specification.


Interesting. What does the $% token mean in that source code?
bitRAKE 02 Aug 2024, 22:06
These offsets occur in pairs and perhaps are understood better in the larger context presented in the manual:
Quote:
The $% is a built-in symbol equal to the offset within the output file at which the initialized data would be generated if it was defined at this point. The $%% symbol is the current offset within the output file. These two values differ only when they are used after some data has been reserved - the $% is then larger than $%% by the length of uninitialized data which would be generated into output if it was to be followed by some initialized one.
The other pair is $ and $@ which are offsets in the current address space.
Code:
                start           present*        end
address space   $$              $@              $
output file     0               $%%             $%    
* Often the present offset is equal to the end offset.

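A small model of the bookkeeping behind the symbols in the table above, added here as an illustration (it is not fasm code and not from this thread). It keeps one counter for the address space ($$, $@, $) and one for the output file (0, $%%, $%), and reproduces the rule from the manual that reserved bytes only reach the file when initialized data follows them. The $@ rule used, "$ minus the trailing reserved bytes", is this model's reading of the table, not a quotation from the manual.

```python
"""Toy model of fasm's address-space and output-file position symbols.
Added example, not fasm's code. Assumption: $@ is modelled as $ minus the
trailing reserved bytes, mirroring the $%% / $% relationship in the table."""


class Output:
    def __init__(self, org=0):
        self.origin = org            # $$  : start of the address space
        self.address = org           # $   : current address (advances for db and rb)
        self.written = bytearray()   # bytes actually generated; len() is $%%
        self.pending = 0             # reserved bytes not yet materialized in the file

    def db(self, *values):
        """Define initialized bytes; pending reserved bytes become zeros first."""
        self.written.extend(b"\0" * self.pending)
        self.pending = 0
        self.written.extend(bytes(values))
        self.address += len(values)

    def rb(self, count):
        """Reserve bytes: the address advances but nothing is written yet."""
        self.address += count
        self.pending += count

    # address-space symbols
    @property
    def dollar_dollar(self):         # $$
        return self.origin

    @property
    def dollar(self):                # $
        return self.address

    @property
    def dollar_at(self):             # $@ (model assumption, see docstring)
        return self.address - self.pending

    # output-file symbols
    @property
    def pct_pct(self):               # $%% : current offset within the output file
        return len(self.written)

    @property
    def pct(self):                   # $%  : offset at which initialized data would land
        return len(self.written) + self.pending

    def file_bytes(self):
        """Trailing reserved bytes never reach the file, so its size equals $%%."""
        return bytes(self.written)


def snapshot(o):
    """($, $@, $%, $%%) at the current point."""
    return (o.dollar, o.dollar_at, o.pct, o.pct_pct)


def walk_through():
    """Replays: org 0x100 / db 1,2,3 / rb 16 / db 4 / rb 8, snapshotting after each rb and db."""
    o = Output(org=0x100)
    o.db(1, 2, 3)
    o.rb(16)
    after_rb = snapshot(o)    # $% exceeds $%% by the 16 reserved bytes
    o.db(4)
    after_db = snapshot(o)    # the 16 zeros are now in the file, so $% == $%%
    o.rb(8)
    at_end = snapshot(o)      # reserved again: the file stays 20 bytes long
    return after_rb, after_db, at_end, len(o.file_bytes())


if __name__ == "__main__":
    for label, snap in zip(("after rb", "after db", "end"), walk_through()[:3]):
        print(f"{label:9}  $={snap[0]:#x}  $@={snap[1]:#x}  $%={snap[2]}  $%%={snap[3]}")
    print("file size:", walk_through()[3])
```

After `rb 16` the model reports $% = 19 while $%% = 3, exactly the "larger by the length of uninitialized data" case from the manual; once `db 4` follows, both reach 20 and the file grows to 20 bytes. A trailing `rb 8` moves $ and $% again, but $@ and $%% stay put and the file does not grow, which is the only situation in which the "present" and "end" columns of the table differ.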
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
