flat assembler
Message board for the users of flat assembler.

Index > Windows > Forward Referencing

Author
Thread Post new topic Reply to topic
ic2



Joined: 19 Jan 2008
Posts: 75
ic2 12 Mar 2008, 13:21
What order would Fasm (and possible future Fasms) expect your sections to be lined up in order for code to build and run in the most efficient manner? In the end the code will forward reference nearly everything.

I seen many examples but some are difference and I want to be sure before setting up my project in Fasm. This is what I came up with so far... now i'm wondering if my most re-used structures and/or macros should be under another section near the end because I'll be using a lot of DWORD structures mainly. Is this ok? What about other types? Where should they go? Any suggestion with a briefly explanation would be greatly appreciated.


Thanks in advance


format PE GUI 4.0
entry start

include '\fasm\include\win32a.inc'

; .......................................................
section '.code' code readable executable

PUSH 0
CALL [GetModuleHandle]
mov [wc.hInstance],eax

; .......................................................
section '.idata' import data readable writeable

library kernel32,'KERNEL32.DLL',\
user32,'USER32.DLL',\

macro my_return val
{
mov eax,val
ret
}

; .......................................................
section '.data' data readable writeable

szString db 'String', 0
hWnd dd 0

; .......................................................
section '.udata' data readable writeable

hdc dd ?


reuse My_STUCTS

struct My_STUCTS
par1 dd ?
par2 dd ?
ends

cBuff db 200 DUP (?)

; .......................................................
section '.rsrc' resource data readable

icon icon1, icon1_data, 'Icons\icon1.ico'


;
Post 12 Mar 2008, 13:21
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 12 Mar 2008, 14:24
I usually have my "global data", aka .udata, before my code, it helps me in debugging. I do not think that (unless you use relative addresses, like $-100), that having the frequently-used-data in any location matters at all.

Research how data is addressed by RAM (the actual circuitry only takes in the address bits, and gives back the value corresponding).

[EDIT] Okay, after closer looking at your section layout:

WTF??? You have macros in the import section, which is before the data sectio, the global data is at the end, wow... Okay, this is how I would recommend: Note, .data I think should be merged with .udata.

.udata - .code - .data - .rscs - .idata - .edata

And to answer other questions,
if(firstTimer & little_endian)
{you are going to have a fun time}.
I put my algo's data in the .udata section, and I change the color of my comments to a nice, pure blue (should be in options-appearance), this helps OHH SOO MUCH!!!. I have my sections clearly defined with a line of:
Code:
;----------------------------------------------------------
;
; code section - initialization code
;----------------------------------------------------------
    

for example. Most of my code uses clearly defined labels, and remember: if you are doing a big project, it may be thousands of lines, so comment alot! This is what mine look like:
Code:
; Obtain function parameter and import data

    mov       esi, [esp+8] 
    mov       edi, [foodptr]
    mov       ecx, 8  ; 8 dwords, 32 bytes
    rep        movsd

; Begin computations

; other code....
    

So, you get it. I think it is best to use 4 spaces before the instruction, five spaces after a three-letter instruction before its operands, and a space between the two (or three) operands. Like this:
Code:
    mov     ecx, [Food]
    

Oh, and also, I always put comments aligned to the left side, that's all that is against the left (except chinese labels @@). Things like 'section' or 'macro' are a space away from left.
it really structures your code well, and makes it a lot easier to read. Just a few tips for better looking projects, have fun!


Last edited by AlexP on 12 Mar 2008, 14:37; edited 2 times in total
Post 12 Mar 2008, 14:24
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 12 Mar 2008, 14:29
On the hardware side it matters little how you order the sections, just make sure you align any words/dwords/qwords/dqwords appropriately.

On the fasm side, you must define structures, equates and macros before they are used. They cannot be forward referenced.
Post 12 Mar 2008, 14:29
View user's profile Send private message Visit poster's website Reply with quote
ic2



Joined: 19 Jan 2008
Posts: 75
ic2 12 Mar 2008, 16:31
Thank you revolution, that's the bottom line. Now I don't have to code in fear of doing something backwards. I'm taking it one step at a time. For me it's all about style, convenience, visibility and getting the hang of Fasm. I been having a ball already. From what I read Fasm has the best of all worlds, Tasm, Masm Nasm with Fasm special goodies all built in. What a wonderful project. Thanks again

Quote:
WTF??? You have macros in the import section, which is before the data sectio, the global data is at the end,


hee hee... I didn't test it. I was just trying to see if difficult things may be possible. I gather from your reaction things are doable but it would be a waste of time trying with no real gain. hee hee hee


Quote:
wow... Okay, this is how I would recommend: Note, .data I think should be merged with .udata.

.udata - .code - .data - .rscs - .idata - .edata


You said merged but you still got .data. Why? What do you think about my next layout. Do it matter if I use .data instead of .udata and what is .edata used for. My guest is reuse My_STUCTS. As far as style I got a Masm32 project that look so pretty any code would trade their in girl friend for... hee hee. I like your style and there are a few tips that I'll be using for now on end.


format PE GUI 4.0
entry start

include '\fasm\include\win32a.inc'

macro my_return val ... all macros first
MY_MSG equ 1.......... than equates
struct My_STUCTS....... than all structs

; .......................................................
section '.code' code readable executable
; .......................................................
section '.idata' import data readable writeable
library kernel32,'KERNEL32.DLL'
; .......................................................
section '.data' data readable writeable

szString db 'String', 0
hWnd dd 0
hdc dd ?

cBuff db 200 DUP (?)

reuse My_STUCTS.... Ok or move them where???

; .......................................................
section '.rsrc' resource data readable

icon icon1, icon1_data, 'Icons\icon1.ico'

While I'm here I might as well tell you my next step. You are the man of equiption. Your confident is mind blowing. I been reading a lot . .. Both you guys know what your doing it seem.

Anyway, I have a Masm32 project with a ton and a half of basic ASM coding that worked perfect for Win95 thru XP... About a month ago I decided to install service pack2 and it broke my fu^ki?g app. So instead of re-building it right now... it gave me the perfect excuse to finally try Fasm. I always want to try for years but it looked so difficult and I never liked math. Now I like math.

As I rebuild I plan to encrypt my strings one by one as I add them. I plan to crypt my code block by block as I add them. I need the best possible thing to use to do this... By time I am finish you will have your Extreme AES Encryption Library Than after I'm finish I

Hey hey hey... I just went looking for your old page to get some info and ran into your new thread. I see you are finish. Congratulation!!!

Anyway, I going multiple encryption. First to use something built in than when I'm finish use your creation to finish it off. I just want to dish out a few headaches when someone try to crack my 3 year project, after that I really don't care.

Can you provide some suggestions at you new thread. Wow!!! your thread took the words right off my keyboad. Going back to read more about it again.


Thanks
Post 12 Mar 2008, 16:31
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 12 Mar 2008, 21:57
Okay, I put together my template for my projects. should help you. Yeah, .edata is .dll exports. Umm, please define "provide some suggestions at your new thread".

I'll be glad to help with whatever you would like, right now I'm totally re-doing my old SHA library to be good. Anyways, here's a good template that I use:
Code:
; -----------------------------------------------------------------------------
; Major.Minor.Build: 0.0.0
; -----------------------------------------------------------------------------
; Copyright (c) 2008, Alex Patterson, Greenville, WI. All rights reserved.
;
; License Terms
; 
; The free distribution and use of this software is allowed (with or without
;  changes) provided that:
;
;  1. Source code distributions include the above copyright notice, this
;      list of conditions and the following disclaimer.
; 
;  2. Binary distributions include the above copyright notice, this list
;      of conditions and the following disclaimer in their documentation.
; 
;  3. The name of the copyright holder is not used to endorse products
;      built using this software without specific written permission.
; 
; Disclaimer
; 
; This software is provided 'as is' by the author, who assumes no
;  liability for any and all negative results of using this software.
; -----------------------------------------------------------------------------
; Issue Date < release date > day/month/year
;
; < Project summary >
;
;  < Calling Interfaces (like parameters)
;
;  MyFunction (int Food, byte Doggy[], *Penguin);
;
;  < And here's where I usually put my calling convention used >
;  < BTW, usually you use this convention for Windows >
;
; In this implementation the stdcall convention is used, where the parameters
;  are pushed in reverse order onto the stack, and the callee clears the
;  stack frame.  The standard callback registers are preserved across calls
;  to these functions, including ebx,esi,edi,& ebp.

; -----------------------------------------------------------------------------
;
; fasm PE file headers
; -----------------------------------------------------------------------------

 format PE GUI 4.0 DLL
; For a .exe format, use format PE GUI 4.0 or format PE console 
; Here's wherever your FASM\INCLUDE folder is on your drive
 include '%fasm%\win32ax.inc'

; -----------------------------------------------------------------------------
;
; algorithm constants
; -----------------------------------------------------------------------------

; These help alot! Like:  mov eax, b[esp+1], simplifies things...
 b equ byte
 d equ dword

; stack frame

; My offsets to parameters, also make code much more readable
 sha_in_blk       = 4  ; stack offset to "in" block parameter
 sha_out_blk      = 8  ; stack offset to "out" block parameter
 sha_size_int     = 12 ; stack offset to size in bytes of "in" block
 sha_stack_space  = 16 ; size of registers to preserve on stack

; -----------------------------------------------------------------------------
;
; structures
; -----------------------------------------------------------------------------
 struct My_Struct

; And whatever structures you would like...

 ends
; -----------------------------------------------------------------------------
;
; '.udata' section - memory of constants | variables
; -----------------------------------------------------------------------------
 section '.udata' data readable writeable
 align 16
; Declaration of structures, any memory used by the code

; -----------------------------------------------------------------------------
;
; core sha routine macros (Just for mine, call it whatever u want)
; -----------------------------------------------------------------------------

; Here, put whatever macros you want...
 macro ch {}
 macro maj {}
 macro sigma0 {}
 macro sigma1 {}
 macro alpha0 {}
 macro alpha1 {}

; -----------------------------------------------------------------------------
;
; common stack routine macros
; -----------------------------------------------------------------------------

; This really helps alot!  Preservs four main callback registers.

 macro preserve_callback_regs {

    sub     esp, sha_stack_space
    mov     [esp+ 0], ebx
    mov     [esp+ 4], ebp
    mov     [esp+ 8], edi
    mov     [esp+12], esi    }

 macro restore_callback_regs ret_val {

    mov     ebx, [esp+ 0]
    mov     ebp, [esp+ 4]
    mov     edi, [esp+ 8]
    mov     esi, [esp+12]
    add     esp, sha_stack_space
    ret     ret_val  }

; -----------------------------------------------------------------------------
;
; '.code' section
; -----------------------------------------------------------------------------
 section '.code' code readable writeable
; entry point should be pointed to here, main code... (or initialization)

; -----------------------------------------------------------------------------
;
; sha hashing - user interface
; -----------------------------------------------------------------------------
 sha_hashblock:

; preserve registers

    preserve_callback_regs

; All your code...

; restore registers and return

    restore_callback_regs 12

; -----------------------------------------------------------------------------
;
; '.edata' section - library exports
; -----------------------------------------------------------------------------
; you don't need this if you use an .exe

 section '.edata' export data readable

 export 'SHA.dll',\
     sha_hashblock,'SHA_HashBlock'

; you don't need this either for an .exe, just include it for .dll.
; -----------------------------------------------------------------------------
;
; '.reloc' section - library relocations
; -----------------------------------------------------------------------------
 section '.reloc' fixups data discardable
    

And, if you ever need any help you can reach email at alexpatterson@hasd.org, feel free. (SOO LONNEELYY!!) lol.

Good luck with your project! (What are you doing again?)

[EDIT] I would LOVE for somebody to make good use out of my code, but you would have to describe GREAT detail to me about how it works, so I can re-configure it to work the best it can in your environment. Please email me and keep me posted as to how it's going!
Post 12 Mar 2008, 21:57
View user's profile Send private message Visit poster's website Reply with quote
ic2



Joined: 19 Jan 2008
Posts: 75
ic2 13 Mar 2008, 00:05
Quote:
please define "provide some suggestions at your new thread".

I got lost in words at that moment. I don't know much about strong encryption. I never tried and want to start small with some good xor'ing. But I'll figure that out. There a lot of good example around and I'm just beginning to find them. The ones I use is not worth even talking about. I will be reading about it for a couple of weeks anyway while I try to figure out how to use your library properly. This is a great start. I will be basing my Fasm set up on your example. It explains enough to get me going a whole lot quicker.
Quote:
Good luck with your project! (What are you doing again?)

Getting ready to go have lunch... hee hee
but anyway, it's no secrete. I maintain a couple of self written applications for a few small businesses. They know nothing much about computers and they think i'm a miracle worker (it's my self made job Smile ). Nothing special but, but now I got to get more serious and learn it all. Who knows what cracker lurks behind a desk with some free time to kill. We both need a couple of weeks. Never rush a project. It drawn bugs. If it's can't be prefect I won't write it. Other than ServicePack2 ripping my app apart I owe hutch and community big time. It was his encouragement that help me make up my mind to take this dive into Fasm. Before that I was only peeping in and wondering as usual. It's easier than I thought. I'll surly will get back with you soon. Thanks a heck of a lot. You guys saved me a lot of worries. For me details comes first. I'll play for weeks, even months with the smallest of things. So the minute I get to the library and if I find something (extra right or any wrong) I will let you know immediately.


Good Luck


Last edited by ic2 on 13 Mar 2008, 01:39; edited 1 time in total
Post 13 Mar 2008, 00:05
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 13 Mar 2008, 01:29
Sounds great, my library is the strongest (from the standard) of AES encryption, you probably know it as the encryption standard for today. My library takes in 16 bytes of data, and a 32-byte key.

Please leave the mode of operation to someone who's done it before, if you mean to actually use my AES code then just tell me, don't use that library alone. Encrypting 16 bytes at a time reveals code patterns, which can give away major clues to your data.

Just tell me and I'll add a project to my list, a feedback mode library to add on to AES. I'll probably do it anyway, have fun making your.. uh... "top secret thing".

[EDIT] Oh yeah, encrypting your code (like decrypting on every function call?) does not make it invisible to reversers. You would not believe some of the tricks and crazy things I've seen for obfuscation, nonetheless all of the other much more experienced people here. In Windows, nothing is safe, and you will never get your code fully protected.
Post 13 Mar 2008, 01:29
View user's profile Send private message Visit poster's website Reply with quote
ic2



Joined: 19 Jan 2008
Posts: 75
ic2 13 Mar 2008, 01:54
Ya ... you Fasm people are the Monsters of the Midway ... I forgot why I was so afraid of Fasm... I might get hit by the TRUTH.

Coming from a person who wrote the book (Encryption Libraries) among his other ASM Kings, Thanks again for saving me from another worry. I'll talk latter about your project list. I'll be reading more about Encryption to see where it applies in the real world. It's going to be interesting.
Post 13 Mar 2008, 01:54
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 13 Mar 2008, 02:26
K, I would lean more towards RSA for modern-day applications, though a RSA-AES hybrid is a very interesting thing! Hybrids like this use a public-key to encrypt the symmetric key, so the code is encrypted fast, but the key is crypted with RSA. This does not make it any stronger than AES, but it does make a very interesting concept!
Post 13 Mar 2008, 02:26
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 13 Mar 2008, 10:00
it's customary for code section to be first in PE
Post 13 Mar 2008, 10:00
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 13 Mar 2008, 21:06
vid wrote:
it's customary for code section to be first in PE

Hmm, I usually place my data section, '.udata', before the code section.
Post 13 Mar 2008, 21:06
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 13 Mar 2008, 21:34
AlexP: then you can expect problems with some PE utilities that only work with "standard" PEs (such that are spit out by all compilers except FASM)
Post 13 Mar 2008, 21:34
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
ic2



Joined: 19 Jan 2008
Posts: 75
ic2 13 Mar 2008, 23:53
One thing I know for sure and that's Masm will place your '.udata' 2nd or 3rd to the bottom and all ‘idata' at the very bottom. Your '.data' section will be at the top or 2nd from the top. I guest the PE is at the very top. Most pe dumper separate them. With Masm you have no say-so where any section is placed. It been a while since I use to dump my Masm files but this is the standard Masm order:

MZ-PE Header
Constance, macros
Data Sring and dd 0
dwords and byte dup ?
Struct data
import string **
API dwords


I'll do some re-checking shortly.

BTW: is there a dumper that will dump the whole exe all in one file.

Not sure about Fasm yet. I'm still playing with it and comparing things as I go. One thing I think is if you use only the .data section for all types of data it will force your .udata under all string data and the PE will automatically place it import and API to the bottom of the file. So if you write Masm style Fasm may place sections in all standard locations.

If you write Fasm style it may allow some section to be place where you write them. Hopefully the rest is left up to us to do our own trial and errors ... at lease that what I thought made Fasm so popular even at universities and the hac^er world. I don't know for sure. It can be related to this thread question if taken farther.

vid, Fasm package has a Masm style (.data section at the top) example. If I used it I would put a .udata section up there by nature.. Funny, This is what lead me to this question in the first place cause I was wondering if the win32 example is where to start wrting my code in. Look what that (one and only example) did to my friend here and almost got me. hee hee Shocked
Post 13 Mar 2008, 23:53
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 14 Mar 2008, 00:43
Well, for now, I'll stick with my .udata on the top. In it, I declare all my structures, strings, data, anything that I need.

Well, I have all of tonight, tomorrow, saturday, and sunday to have fun with SHA (again?!). I had a great versio working fine before, but after finishing AES and realizing my SHA version was horrible coding style, I didn't even both looking at it.

Sometimes, you have to take a step back, keep an open mind, and shift-delete.
Post 14 Mar 2008, 00:43
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.