flat assembler
Message board for the users of flat assembler.

2 beginner questions

zxcv 13 Dec 2007, 19:52
I'm a noob on fasm, so please help me understand a few things.

1. Is there a sizeof macro? It would help to count bytes declared as strings. E.g. string db 'long buff'

2. Why can't I push [register] on the stack?
push [ebx] > error: operand size not specified.
Only 4-byte elements can go on the stack, so why is it an error? Only 4 bytes (or 8 on 64-bit processors) should go. The compiler makes push [ebx] from it anyway.
Why do I have to use push dword [ebx] or word [ebx]? What's the difference?



Tomasz Grysztar 13 Dec 2007, 21:57
zxcv wrote:
1. Is there a sizeof macro? It would help to count bytes declared as strings. E.g. string db 'long buff'

See the "struc db" example in section 2.3.4 of the manual. You may also look here.
zxcv wrote:
2. Why can't I push [register] on the stack?
push [ebx] > error: operand size not specified.
Only 4-byte elements can go on the stack, so why is it an error? Only 4 bytes (or 8 on 64-bit processors) should go. The compiler makes push [ebx] from it anyway.
Why do I have to use push dword [ebx] or word [ebx]? What's the difference?

"push dword [ebx]" and "push word [ebx]" are different instructions, which are both valid in either 16-bit or 32-bit mode. For this reason "push [ebx]" is ambiguous. You may however write "pushd [ebx]" as a shorter form that specifies that 4 bytes should be stored (not 2). You may also find it all in the manual.
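Both answers above in one fasm source, as an added example that is not from the thread or the manual text: a struc db override that gives every labelled db a .size constant, and the two encodings of push with a memory operand. The file name, the label "other" and the flat binary output are choices made for this example.

```asm
; Added example (not from the thread). Assemble with: fasm sizes.asm sizes.bin
; The output is a flat binary for inspecting encodings, not a runnable program.
use32

; Override "db" when it follows a label, so each such definition
; also defines <label>.size (written here from the documented struc directive).
struc db [data]
{
common
  . db data
  .size = $ - .
}

; The size operator decides how many bytes are read from [ebx]
; and how far ESP moves. These are two different instructions:
        push    dword [ebx]      ; FF 33     ESP = ESP - 4
        push    word [ebx]       ; 66 FF 33  ESP = ESP - 2
        pushd   [ebx]            ; same bytes as push dword [ebx]
        pushw   [ebx]            ; same bytes as push word [ebx]
;       push    [ebx]            ; rejected: operand size not specified

; A register operand carries its own size, so no operator is needed:
        push    ebx              ; 53
        push    bx               ; 66 53

; .size is an assembly-time constant and can be used as an immediate:
        mov     ecx, string.size ; same as mov ecx, 9

string  db 'long buff'           ; label and text taken from the question
other   db 'abc', 13, 10         ; hypothetical second string, other.size = 5

; Without the struc, the same count is taken by hand right after the data:
other_len = $ - other            ; 5
```

Mixing word and dword pushes in 32-bit code leaves ESP misaligned by 2, which is why the assembler refuses to guess the size for a memory operand.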

zxcv 13 Dec 2007, 22:37
thanks much, you helped me.

zxcv 14 Dec 2007, 00:03
One more:

In esi I have the address of some memory, and I want to ReadProcessMemory from another process like that:

..
push esi+8
..
call [rpm]

but it doesn't work...



edfed 14 Dec 2007, 00:36
Programming under Windows?
In this case, go to the Windows section...

why push esi+8?
push esi only can be good!
rpm, is it a far pointer or a near pointer?


LocoDelAssembly 14 Dec 2007, 01:12
Quote:

push esi+8

Do you need the result of "esi+8" on stack or the memory content at [esi+8]?

Code:
; To push ESI+8
lea eax, [esi+8] ; Of course previous content of EAX register will be lost here
push eax

; To push the memory contents at ESI+8 address

push dword [esi+8]    


If you don't know assembly basics I recommend learning those before starting to write complicated programs. Even if your intention is just to patch/crack something, basics are mandatory knowledge.

zxcv 14 Dec 2007, 02:01
I'm learning it all the time, but I simply don't have any good book/ebook/other source.

Quote:
Do you need the result of "esi+8" on stack or the memory content at [esi+8]?

I need to add 8 to esi, and get the memory pointed to by esi+8.



edfed 14 Dec 2007, 02:15
simple
...
call idontknowwhatyouwant
...

idontknowwhatyouwant:
mov eax,[esi+8]
ret

No need to push registers when you access them in the called procedure with the same value as in the caller procedure.
You see?

To learn assembly, the first step is to try everything, find solutions by yourself, training your brain to asm programming; the only tutorial you need to read in assembly is the one that explains the instructions.

The forum is good for that.
But if you don't know how to access memory with a register, you first need to read as many threads as you can before posting questions.
We cannot understand for you.

zxcv 14 Dec 2007, 05:34
Maybe I'll give you some code:
Code:
push 1024
call [malloc]
mov esi, eax
push 1024
push 0
push esi
call [memset]
add esp, 16


push 666
push 0
push PROCESS_VM_READ
call [OpenProcess]
mov ebx, eax


push 0
push 32
push esi
push 0x666
push ebx
call [ReadProcessMemory]

push 0
push 32
push dword [esi+32] ;< it actually pushes the memory allocated by malloc, not the address. Esp points to a block of memory (filled by the previous readproc..). I want to append new data to this memory. I hope you know what I mean.
push 0x666
push ebx
call [ReadProcessMemory]

push ebx
call [CloseHandle]    
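Appending a second read 32 bytes into the same buffer, as the last post wants, needs the address esi+32 on the stack, which is the LEA form shown earlier in the thread. The program below is an added example, not code from any poster: to stay self-contained it reads from its own process through GetCurrentProcess instead of OpenProcess, the labels source, buffer and nread are made up for it, and it checks each call's return value and byte count, which the posted code does not.

```asm
; Added example, not from the thread. Assemble with fasm for Windows;
; the INCLUDE variable must point at fasm's INCLUDE directory.
format PE console
entry start
include 'win32a.inc'

CHUNK = 32                              ; bytes per read, as in the post

section '.data' data readable writeable
source:   times CHUNK db 'A'            ; constructed sample data to read
          times CHUNK db 'B'
buffer    rb 2*CHUNK                    ; stands in for the malloc'ed block
nread     dd ?

section '.text' code readable executable
start:
        call    [GetCurrentProcess]     ; own pseudo-handle, no OpenProcess
        mov     ebx, eax
        mov     esi, buffer

        push    nread                   ; lpNumberOfBytesRead
        push    CHUNK                   ; nSize
        push    esi                     ; lpBuffer = start of the buffer
        push    source                  ; lpBaseAddress
        push    ebx                     ; hProcess
        call    [ReadProcessMemory]
        test    eax, eax                ; zero return means the read failed
        jz      failed
        cmp     [nread], CHUNK          ; reject a short read
        jne     failed

        lea     eax, [esi+CHUNK]        ; EAX = address 32 bytes into buffer
        push    nread
        push    CHUNK
        push    eax                     ; lpBuffer is an address, not [esi+32]
        push    source+CHUNK
        push    ebx
        call    [ReadProcessMemory]
        test    eax, eax
        jz      failed
        cmp     [nread], CHUNK
        jne     failed
        invoke  ExitProcess, 0          ; buffer holds 32 'A' then 32 'B'
failed: invoke  ExitProcess, 1

section '.idata' import data readable
  library kernel32, 'KERNEL32.DLL'
  import  kernel32, GetCurrentProcess, 'GetCurrentProcess', \
          ReadProcessMemory, 'ReadProcessMemory', ExitProcess, 'ExitProcess'
```

With "push dword [esi+32]" in place of the LEA and "push eax" pair, the API would receive whatever four bytes sit at buffer+32 as its destination pointer and the call would fail or write to an unrelated address.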