flat assembler
Message board for the users of flat assembler.

Index > Compiler Internals > Error 200 - BUG with FASM's "format MZ"

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Code:
;
; Was FASM example of writing simple EXE program using "format MZ" ,
; But now "MZ-header-$0200-BUG" test :
; File will have $0400 bytes, but header will say $0200,2 instead of 0,2 !!!
;

format MZ as "EXE"

stack $1000
heap 0

        push    cs
        pop     ds

        mov     ah,9
        mov     dx,txhello
        int     $21        ; Print to screen

        mov     ax,$4C00
        int     $21        ; Exit from EXE

txhello: db 'Hello world !',$0D,$0A,$24

        db 962 dup (0)
;END.
    


FASM has a bug with "format MZ":

If file size is an integer factor of $0200, it sets the "AmountOfBlocks" correctly, but the "LastBlockSize" to $0200, while it should be 0. link and link. Even worse, the bug occurs in FASM 2 times, one time when generating MZ, plus when placing a stub into "format PE" - it "understands" its own stubs, but fails on valid stubs from other sources if they have a size divisible by $0200.

Could this be fixed in 1.67.27 ?

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 14 Mar 2008, 02:16
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Related issue: when building a PE on the top of a MZ stub, FASM enhances the MZ header to $40 bytes. This is not always appreciated

Code:
format PE GUI 4.0 DLL at 7000000h on 'stub.exe'    


a way to disable this behavior like

Code:
format PE GUI 4.0 DLL at 7000000h ontop 'stub.exe'    


would be great Smile
Post 11 Jul 2008, 08:08
View user's profile Send private message Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7802
Location: Kraków, Poland
Tomasz Grysztar
DOS386 wrote:
Related issue: when building a PE on the top of a MZ stub, FASM enhances the MZ header to $40 bytes. This is not always appreciated

But how can I store the PE header offset there otherwise?
Post 11 Jul 2008, 09:18
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Tomasz Grysztar wrote:
But how can I store the PE header offset there otherwise?


The 4 bytes are already reserved Idea

http://board.flatassembler.net/topic.php?t=8316

Code:
; This follows a $20 bytes long MZ header
 
org 0 ; 2nd Very Happy

; [8086]

  ; Here starting from DOS: DS = ???/PSP | ES = (seg-addr) of PSP
 ; We have exactly 28 bytes left before 0,0,0,0

  mov    ax,$7202            ; 3   -> 3
    push   ax
   popf                       ; This is not 100% safe from "V86" , but sufficient here
       pushf
       pop    bx                  ; 4x1 -> 7
    cmp    ax,bx               ; 2   -> 9
    je     short llmover       ; 2   -> 11 | OK we have at least 80386
       call   ssprint+ccmoversize ; 3   -> 14 final size | !!!! "org" missmatch
       db "Need 80386",0
 jmp    near llabort+ccmoversize ; "org" issue again
       ;------------------------------

 if $<>28
        error "You have a 80386 size BUG !!!"
   end if

  db 0,0,0,0         ; PE position

llmover: ; This was "main" , here "org" is 32 = $20
  ; Here still DS = ???/PSP | ES = (seg-addr) of PSP
  ; Also CS = SS , because of our COOL MZ header Very Happy

; [80286]
     push  cs
    pop   ds
    cld                   ; !!!
         mov   dx,es           ; Save PSP in DX
      mov   ax,[es:2]       ; !!! PSP !!! | Top of memory | Absolute (seg-addr) ?
     sub   ax,vvlolodiv16  ; AX := top - lolospacetotal (in par)
     mov   es,ax           ; Dest of move
        mov   ss,ax
         ; SS is ^^^ now also (top-lolospacetotal)
   ; Switch ^^^ SS first / only, CS later, keep SP as-is
    

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 11 Jul 2008, 10:52
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
I think you will find that the pointer to the PE header must be at 0x3C. If you put it at 0x1C then the OS won't see it.
Post 11 Jul 2008, 11:08
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
This is from the MS structure:
Code:
typedef struct _IMAGE_DOS_HEADER {  // DOS .EXE header
     USHORT e_magic;         // Magic number
     USHORT e_cblp;          // Bytes on last page of file
     USHORT e_cp;            // Pages in file
     USHORT e_crlc;          // Relocations
     USHORT e_cparhdr;       // Size of header in paragraphs
     USHORT e_minalloc;      // Minimum extra paragraphs needed
     USHORT e_maxalloc;      // Maximum extra paragraphs needed
     USHORT e_ss;            // Initial (relative) SS value
     USHORT e_sp;            // Initial SP value
     USHORT e_csum;          // Checksum
     USHORT e_ip;            // Initial IP value
     USHORT e_cs;            // Initial (relative) CS value
     USHORT e_lfarlc;        // File address of relocation table
     USHORT e_ovno;          // Overlay number
     USHORT e_res[4];        // Reserved words
     USHORT e_oemid;         // OEM identifier (for e_oeminfo)
     USHORT e_oeminfo;       // OEM information; e_oemid specific
     USHORT e_res2[10];      // Reserved words
     LONG   e_lfanew;        // File address of new exe header
   } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;    
e_lfanew is the pointer to the PE signature/header.
Post 11 Jul 2008, 11:13
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
revolution wrote:
I think you will find


NO. Already known fact.

Quote:
that the pointer to the PE header must be at 0x3C.


But I do place it at $3C (RTFS ^^^) ... or 0x3C for C guru's Shocked

Quote:
If you put it at 0x1C then the OS won't see it.


DPMILD32 or LOADPEX neither Idea

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 11 Jul 2008, 11:40
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
Maybe I misunderstand your code:
Code:
        if $<>28
          error "You have a 80386 size BUG !!!"
        end if

        db 0,0,0,0         ; PE position    
What does the value 28 mean there? It looks like you put the PE header pointer at 0x1C (28).
Post 11 Jul 2008, 11:45
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
revolution wrote:
Maybe I misunderstand your code


YES.

> What does the value 28 mean there?

It's $1C - since org was set to 0 last time, at position $20 from file begin (RTFS - the top line)
Post 11 Jul 2008, 11:49
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
...at $3C (RTFS ^^^) ... or 0x3C for C guru's
[offtopic]
I find the dollar ($) character to be very ugly. The 0x format is much clearer IMO. I don't care whether C programmers use it, I also like it and I won't let the I-hate-C brain-washers sway me into using a format that I think is ugly.
[/offtopic]
Post 11 Jul 2008, 11:53
View user's profile Send private message Visit poster's website Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7802
Location: Kraków, Poland
Tomasz Grysztar
Even if you put the offset at valid offset in file, it is not valid if it is outside the boundaries of header.
Post 11 Jul 2008, 11:57
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
> What does the value 28 mean there?

It's $1C - since org was set to 0 last time, at position $20 from file begin (RTFS - the top line)
Thanks for the explanation, it was not clear to me.

But your efforts to squeeze a few bytes out of the header by inserting code in there seems rather odd. Is there a particular purposes you have for this? Is your HDD too small to hold the extra data? Confused
Post 11 Jul 2008, 11:58
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Tomasz Grysztar wrote:
Even if you put the offset at valid offset in file, it is not valid if it is outside the boundaries of header.


Evidence, please. It always worked for me like this. All PE loaders I've seen so far do ignore the MZ header and simply look at $3C.
Post 11 Jul 2008, 12:08
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
revolution wrote:
find the dollar ($) character to be very ugly. The 0x format is much clearer IMO.


COOL. MASM-guru's append "h" at the end of the number, Quack-BASIC guru's prepend it with "&H", and GAS-guru's must use both "$" and "0x" when pressuring the compiler to accept a hex number Shocked

Quote:
your efforts to squeeze a few bytes out of the header by inserting code in there seems rather odd. Is there a particular purposes you have for this? Is your HDD too small to hold the extra data?


Save 32 bytes here, save 50 bytes there, save some more space in ??? , at the end one will get a 1 MiB distro instead of a 10 GiB distro Smile
Post 11 Jul 2008, 12:12
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
COOL. MASM-guru's append "h" at the end of the number, Quack-BASIC guru's prepend it with "&H", and GAS-guru's must use both "$" and "0x" when pressuring the compiler to accept a hex number Shocked
In fasm we have the choice. I pity the QB and GAS programmers then, it seems they get no choice and are forced to use ugly syntaxes.
Post 11 Jul 2008, 12:16
View user's profile Send private message Visit poster's website Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7802
Location: Kraków, Poland
Tomasz Grysztar
DOS386 wrote:
Tomasz Grysztar wrote:
Even if you put the offset at valid offset in file, it is not valid if it is outside the boundaries of header.


Evidence, please. It always worked for me like this. All PE loaders I've seen so far do ignore the MZ header and simply look at $3C.

The fact that it works doesn't mean it is correct.
Post 11 Jul 2008, 12:17
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
Save 32 bytes here, save 50 bytes there, save some more space in ??? , at the end one will get a 1 MiB distro instead of a 10 GiB distro Smile
Where is the evidence! You are always demanding evidence from others so now is the time for you to prove your statement above.
Post 11 Jul 2008, 12:17
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
Evidence, please. It always worked for me like this. All PE loaders I've seen so far do ignore the MZ header and simply look at $3C.
So what about the next version of windows, can you say with certainty that it won't check the MZ header (probably "for security reasons"). You have potential for incompatibility, have you heard of Murphy's law?
Post 11 Jul 2008, 12:19
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Tomasz Grysztar wrote:
The fact that it works doesn't mean it is correct.


Please point me to documentation saying that it's wrong.
Post 11 Jul 2008, 12:28
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17715
Location: In your JS exploiting you and your system
revolution
DOS386 wrote:
Tomasz Grysztar wrote:
The fact that it works doesn't mean it is correct.


Please point me to documentation saying that it's wrong.
Hehe, look up dude, I posted the MZ header format above. What other evidence do you need?
Post 11 Jul 2008, 12:32
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.