flat assembler
Message board for the users of flat assembler.

Macroinstructions > Error in defining local variables (PROC64.INC and PROC32.INC)

Bird of Hermes 03 May 2025, 11:14
I found this bug while trying to make my own "align" macro for local variables. If you define a local variable as
Code:
a dd 1, 2, 3, 4
    

Local variable "a" takes the address of the last dword, not the first.
After a few tries to find out where I was wrong, I decided to open PROC64.INC and read it more thoroughly. I found this:
Code:
struc db [val] \\{ \common deflocal@proc .,db,val \\}
struc du [val] \\{ \common deflocal@proc .,du,val \\}
struc dw [val] \\{ \common deflocal@proc .,dw,val \\}
struc dp [val] \\{ \common deflocal@proc .,dp,val \\}
struc dd [val] \\{ \common deflocal@proc .,dd,val \\}
struc dt [val] \\{ \common deflocal@proc .,dt,val \\}
struc dq [val] \\{ \common deflocal@proc .,dq,val \\}
    

The problem is in the use of the common directive - there are not enough backslashes before it. If you want to fix it, just place one more backslash before every common directive in the locals macro definition in PROC64.INC and PROC32.INC.
I think this bug is really very important, because if you use a local structure object with a field defined like this, you may not even know what's wrong when you reference that field.
P.S. My English isn't very good, but I hope I have explained myself clearly enough.
P.P.S. I found out why this happened - it's because I split the code into separate lines when I was reading the standard macros. It's still an error in the code, but it's not critical. I still think it should be fixed in the standard macro package.

_________________
If something can't be done with macros, then there were too few macros.


Last edited by Bird of Hermes on 03 May 2025, 17:33; edited 2 times in total
revolution 03 May 2025, 11:30
Works for me:
Code:
$ cat test.asm 
include 'win32a.inc'
proc z
locals
a dd 1,2,3,4
endl
mov eax,[a]
endp
jmp z
$ fasm test.asm 
flat assembler  version 1.73.31  (16384 kilobytes memory)
3 passes, 52 bytes.

$ ndisasm test.bin 
00000000  6655              push ebp
00000002  6689E5            mov ebp,esp
00000005  6683EC10          sub esp,byte +0x10
00000009  6766C745F0010000  mov dword [ebp-0x10],0x1
         -00
00000012  6766C745F4020000  mov dword [ebp-0xc],0x2
         -00
0000001B  6766C745F8030000  mov dword [ebp-0x8],0x3
         -00
00000024  6766C745FC040000  mov dword [ebp-0x4],0x4
         -00
0000002D  67668B45F0        mov eax,[ebp-0x10]
00000032  EBCC              jmp short 0x0    
Please post some minimised code that fails for you.
Bird of Hermes 03 May 2025, 17:10
revolution wrote:
Please post some minimised code that fails for you.

Code:
format pe64 console
include 'win64a.inc'
proc z
        locals
                a dd 1,2,3,4
        endl
        mov eax,[a]
endp
jmp z

Disassembly:
55                 | push    rbp
48:89E5            | mov     rbp,rsp
48:83EC 10         | sub     rsp,10
C745 F0 01000000   | mov     dword ptr ss:[rbp-10],1
C745 F4 02000000   | mov     dword ptr ss:[rbp-C],2
C745 F8 03000000   | mov     dword ptr ss:[rbp-8],3
C745 FC 04000000   | mov     dword ptr ss:[rbp-4],4
8B45 FC            | mov     eax,dword ptr ss:[rbp-4]                  | eax:EntryPoint
EB D7              | jmp     <test.OptionalHeader.AddressOfEntryPoint>


I think I found out why this happened to me. When I was reading the standard macros, I broke them into separate lines to make the logic easier to understand (apparently, within one line, double escaping simply worked for the entire line of the macro), and when I moved it, the problem was revealed. This is still an error made when the standard macros were written, but it became critical exactly at the moment I decided to understand that code :)

revolution 04 May 2025, 02:24
The code you posted also works for me.
Code:
00000000  55                push rbp
00000001  4889E5            mov rbp,rsp
00000004  4883EC10          sub rsp,byte +0x10
00000008  C745F001000000    mov dword [rbp-0x10],0x1
0000000F  C745F402000000    mov dword [rbp-0xc],0x2
00000016  C745F803000000    mov dword [rbp-0x8],0x3
0000001D  C745FC04000000    mov dword [rbp-0x4],0x4
00000024  8B45F0            mov eax,[rbp-0x10]
00000027  EBD7              jmp short 0x0    
Please show all that you have. It is hard to help fix the problem when the code is hidden.
Bird of Hermes 04 May 2025, 14:28
revolution wrote:
The code you posted also works for me. Please show all that you have. It is hard to help fix the problem when the code is hidden.

I already figured out what the problem was. I changed my own PROC64.INC for better readability, and that's why the single-line macro definition was split into two lines. In the single-line definition the escape backslashes were spread over the entire line, and that's why the problem didn't occur, but when I moved it, it broke. I still think that this is a developer error, which doesn't lead to a bug under normal conditions because the macros are defined on one line.

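The escaping rule the thread turns on, as an added example that is not part of the original posts or of the fasm macro package (the macro names outer, inner, vecA and vecB are made up for illustration, and fasm 1.73 is assumed so that the assert directive is available). The nesting mirrors define@proc -> locals -> struc in PROC32.INC/PROC64.INC: outer is level 1, inner is level 2, the strucs are level 3, and each enclosing macro strips one backslash when it expands. vecA is the one-line form from the standard package, vecB is the same struc split over lines with the extra backslash, and the commented-out block is the split form with a single backslash, where common reaches inner unescaped at the start of a line, is consumed as inner's own directive, and the struc body is expanded once per value instead of once for the whole list.

```asm
; escape_levels.asm - added example, not from the thread or the fasm package.
; The macro names outer, inner, vecA and vecB are made up for illustration.
; Nesting mirrors define@proc -> locals -> struc in PROC32.INC/PROC64.INC:
; outer (level 1) defines inner (level 2), which defines the strucs (level 3).
; Each escaping backslash is removed by one enclosing macro when it expands.

macro outer
 {
   macro inner
   \{
     ; One-line form, as in the standard package. 'common' is not the
     ; first symbol of the line, so neither outer nor inner treats it as
     ; its own directive; a single backslash is enough here.
     struc vecA [val] \\{ \common . dw val \\}

     ; The same struc split over lines. Now 'common' starts a line inside
     ; two enclosing macros, so it needs two backslashes: outer strips one,
     ; inner strips the other, and the struc body finally reads 'common'.
     struc vecB [val]
     \\{
       \\common
       . dw val
     \\}

     ; Broken split form (left commented out): with a single backslash,
     ; 'common' reaches inner unescaped at the start of a line and is
     ; consumed as inner's own directive, so the struc body is just
     ; '. dw val' and is expanded once per value instead of once for
     ; the whole list, i.e. it tries to define '.' once per element.
     ; struc vecB [val]
     ; \\{
     ;   \common
     ;   . dw val
     ; \\}
   \}
 }

outer            ; expands outer, which defines inner
inner            ; expands inner, which defines vecA and vecB

a vecA 1,2,3,4   ; becomes: a dw 1,2,3,4 (one label, four words)
b vecB 1,2,3,4   ; becomes: b dw 1,2,3,4 (same, via the split form)

assert b - a = 8 ; vecA emitted four words starting at a
assert $ - b = 8 ; vecB emitted four words starting at b
```

Assemble with `fasm escape_levels.asm`; both asserts hold because common is honoured at struc level in vecA and vecB. To see the failure mode, swap the vecB definition for the commented-out one: the body then runs per element and the second element redefines the same label.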
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
