flat assembler
Message board for the users of flat assembler.

Index > Macroinstructions > somewhat complex masm struct

okasvi 22 Apr 2006, 14:21
wow, nice, thanks a lot for both replies. The_Grey_Beast, why don't you write a tutorial or something :D
Madis731 22 Apr 2006, 14:40
Hey, but what should the function do in the first place - maybe we can come up with a simpler version if we knew where and how it's used.
Thanks!
okasvi 22 Apr 2006, 14:53
no need for that, your version functions correctly :)
Borsuc 22 Apr 2006, 14:58
Madis731 wrote:
PS Would anyone be kind enough to decrypt this easy-to-read :) C-code for me:
sum+=*((UCHAR*)&p[i]+j);

Wow, that's what I call a mess of C code :)
I think it says
Code:
sum+=*((UCHAR*)(&p[i])+j);
that is, the '+' has lower precedence.

That "UCHAR" there is important, else it would "scale" j by whatever size was before &p[i] (i.e. j*sizeof(long) or somesuch). UCHAR is used to stop it from scaling it (i.e. just j). This is because UCHAR is unsigned char in C, thus a byte.

What the code really does is: it adds to the sum the value where p+i*4+j points (if you prefer, [p+(i*4)+j] in asm without registers, you get the idea), or something similar (note we're neglecting the scaling of C, that's why it had to be done that "ugly" way).

But more than that, I'm confused about it too. If comments were included... :)
okasvi 22 Apr 2006, 15:15
ok, here it is all:
Code:
extern "C"
{

#include <wdm.h>
#include "func.h"
#include "debug.h"

int func_is_good_read_ptr(PVOID buf,ULONG size);
} //extern "C"

/*
 this function checks user buffer for read access 
 returns true if the buffer is ok
*/

int func_is_good_read_ptr(PVOID buf,ULONG size)
{
  DbgMsg("func.cpp: func_is_good_read_ptr(buf:0x%.8X;size:0x%.8X)",buf,size);

  int res=TRUE;

  __try
  {
    ProbeForRead(buf,size,sizeof(char));
    ULONG sum=0;
    PULONG p=(PULONG)buf;
    int i;
    for (i=0;i<(int)(size/sizeof(ULONG));i++) sum+=p[i];
    for (int j=0;j<(int)(size%sizeof(ULONG));j++) sum+=*((UCHAR*)&p[i]+j);
  } __except(EXCEPTION_EXECUTE_HANDLER)
  {
    DbgPrint("func.cpp: func_is_good_read_ptr error: exception occurred");
    res=FALSE;
  }

  DbgMsg("func.cpp: func_is_good_read_ptr(-):%d",res);
  return res;
}    


this is what i have atm:
Code:
proc func_is_good_read_ptr, buf, _size
        local result:DWORD
        
        push    [_size]
        push    [buf]
        push    szDbgMsgFunc1
        call    [DbgPrint]
        
        mov             [result], TRUE
        
        ; install SEH frame
        push    ExceptionHandler
        push    dword [fs:0]
        mov             [seh.OrgEsp], esp
        mov             [seh.OrgEbp], ebp
        mov             [seh.SaveEip], exception
        mov             [fs:0], esp
        
        push    1
        push    [_size]
        push    [buf]
        call    [ProbeForRead]
        
;    ULONG sum=0;
;    PULONG p=(PULONG)buf;
;    int i;
;    for (i=0;i<(int)(size/sizeof(ULONG));i++) sum+=p[i];
;    for (int j=0;j<(int)(size%sizeof(ULONG));j++) sum+=*((UCHAR*)&p[i]+j);
        xor             eax, eax         ; sum
        mov             esi, [buf]       ; p
        xor             ecx, ecx         ; i (as a byte offset, i*4)
        mov             edi, [_size]
        and             edi, not 11b     ; size rounded down to whole DWORDs
round1:
        cmp             ecx, edi
        jae             exitround1       ; done once every whole DWORD is summed
        add             eax, [esi+ecx]
        add             ecx, 4           ; usually a DWORD so =4
        jmp             round1
exitround1:

        xor             edx, edx         ; lets use edx as j
        mov             edi, [_size]
        and             edi, 11b         ; s%4
        lea             esi, [esi+ecx]   ; &p[i], because [esi+ecx+edx] is not allowed :(
round2:
        cmp             edx, edi
        jae             exitround2       ; done once the s%4 tail bytes are summed
        movzx   ebx, byte [esi+edx]
        add             eax, ebx
        add             edx, 1
        jmp             round2
exitround2:

        ; remove SEH frame
        pop             dword [fs:0]
        add             esp, 4
        
        push    [result]
        push    szDbgMsgFunc2
        call    [DbgPrint]
        jmp             @f
exception:
        mov             [result], FALSE
        @@:
        mov             eax, [result]
        ret
endp    
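An added example, not part of the original posts or the driver's code: a user-mode C stand-in for the summing loop in func_is_good_read_ptr, showing that the word loop plus byte tail reads exactly `size` bytes (nothing past the range ProbeForRead checked) and what the `(UCHAR*)` cast changes in the address arithmetic. The names `sum_buffer`, `offset_with_cast`, `offset_without_cast` and `arr` are hypothetical; ProbeForRead and `__try` are left out because they need the kernel environment.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical user-mode stand-in for the loop in func_is_good_read_ptr.
   Whole 32-bit words are summed first, then the size % 4 tail bytes, so
   every byte of [buf, buf+size) is read once and nothing beyond it.
   *touched (optional) receives the number of bytes actually read. */
uint32_t sum_buffer(const void *buf, size_t size, size_t *touched)
{
    const unsigned char *bytes = buf;
    size_t words = size / sizeof(uint32_t), tail = size % sizeof(uint32_t);
    size_t i, j, n = 0;
    uint32_t sum = 0, w;

    for (i = 0; i < words; i++) {            /* sum += p[i] */
        memcpy(&w, bytes + i * sizeof w, sizeof w);   /* alignment-safe load */
        sum += w;
        n += sizeof w;
    }
    for (j = 0; j < tail; j++) {             /* sum += *((UCHAR*)&p[i] + j) */
        sum += bytes[i * sizeof w + j];      /* i == words after the first loop */
        n++;
    }
    if (touched) *touched = n;
    return sum;
}

/* Byte distance from p that each form of the tail expression addresses.
   arr is scratch storage so the pointer arithmetic stays in bounds
   (requires i + j < 8). */
static uint32_t arr[8];

size_t offset_with_cast(size_t i, size_t j)
{
    uint32_t *p = arr;
    return (size_t)(((unsigned char *)&p[i] + j) - (unsigned char *)p);
}

size_t offset_without_cast(size_t i, size_t j)
{
    uint32_t *p = arr;                       /* &p[i] + j scales j by 4 */
    return (size_t)((unsigned char *)(&p[i] + j) - (unsigned char *)p);
}
```

With i=1 and j=3 the cast form addresses byte 7 of the buffer, while the uncast form addresses byte 16, which for an 11-byte buffer is already outside the probed range.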
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.