flat assembler
Message board for the users of flat assembler.

Index > Windows > Windows command line parsing functions?

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
madmatt



Joined: 07 Oct 2003
Posts: 1045
Location: Michigan, USA
madmatt 26 Mar 2008, 17:20
Hi everyone,
Are there any windows functions that parse the command line?

I have this so far:
proc main
local argc:DWORD, argv:DWORD
Code:
     invoke  GetCommandLine
     invoke  CommandLineToArgvW, eax, addr argc
     mov     [argv], eax    


which gives me a pointer to the full command line, but doesn't parse it. Are there any magic functions that do this?
Post 26 Mar 2008, 17:20
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 26 Mar 2008, 17:26
I think you are using it wrongly, CommandLineToArgvW is a UNICODE function and expects a UNICODE input parameter.

Code:
...
invoke  GetCommandLineW  ;<--- Note the extra "W" character
invoke  CommandLineToArgvW, eax, addr argc
...    
W95 SDK wrote:
The CommandLineToArgvW function parses a wide-character Unicode command-line string. It returns a pointer to a set of wide-character Unicode argument strings and a count of arguments, similar to the standard C run-time argv and argc values. The function provides a way to obtain a Unicode set of argv and argc values from a Unicode command-line string.
Post 26 Mar 2008, 17:26
View user's profile Send private message Visit poster's website Reply with quote
madmatt



Joined: 07 Oct 2003
Posts: 1045
Location: Michigan, USA
madmatt 26 Mar 2008, 23:13
Yeh, you're right.,
I forgot it returns and array of pointers to UNICODE strings and not normal byte strings, thanks for reminding me Smile !
Post 26 Mar 2008, 23:13
View user's profile Send private message Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 15 Jul 2018, 22:55
But how can I output and/or parse those Unicode command-line parameters?

Because:

Code:
  invoke GetCommandLineW
  invoke CommandLineToArgvW, eax, argc
  mov    [argv], eax
  invoke MessageBoxW, NULL, [argv], 'TestDlg', MB_OK    


Code:
> foo.exe quux    


A dialog is opened:

Code:
---------------------------
TestDlg
---------------------------
鰤鲒
---------------------------
OK   
---------------------------    


That was not what I wanted - and it makes working with the input values rather hard.
Post 15 Jul 2018, 22:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 00:24
IIRC argv is a list of pointers. You need to read the pointers to find each string.
Post 16 Jul 2018, 00:24
View user's profile Send private message Visit poster's website Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 16 Jul 2018, 00:30
Wouldn't the address point to the first item anyway? At least that's what it does in C. Sad

_________________
invoke Beer
Post 16 Jul 2018, 00:30
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 00:31
The first item is a pointer to the first string. The second item is pointer to the second string. etc. IIRC
Post 16 Jul 2018, 00:31
View user's profile Send private message Visit poster's website Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 16 Jul 2018, 00:50
Can I just get that with argv[0]?
Post 16 Jul 2018, 00:50
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 00:54
You have a pointer to a list of pointers. So ...
Code:
mov ecx,[argv]
invoke MessageBoxW, NULL, [ecx+4*0], 'TestDlg', MB_OK    
...might work for you.
Post 16 Jul 2018, 00:54
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 718
Ali.Z 16 Jul 2018, 05:07
since this topic/thread is about consoles, i would like to ask a question:

some console programs require cmd to run and passing some function name and parameters or arguments.
like:
C:\Users\ali> utility.exe createfile -r -b file.txt

such things are interesting to me, because i dont know how they work.
Post 16 Jul 2018, 05:07
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 09:11
You can parse the arguments directly in your code. You don't have to use CommandLineToArgvW if you find it easier to do it yourself.
Post 16 Jul 2018, 09:11
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 718
Ali.Z 16 Jul 2018, 12:35
hmm parsing, it didnt came in my mind.

i can parse them, already did for an .ini file

anyhow, so assuming i wanna make something that must be executed from cmd then readconsole should be my first api.
Post 16 Jul 2018, 12:35
View user's profile Send private message Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 16 Jul 2018, 18:33
revolution wrote:
You have a pointer to a list of pointers. So ...
Code:
mov ecx,[argv]
invoke MessageBoxW, NULL, [ecx+4*0], 'TestDlg', MB_OK    
...might work for you.


Sadly, no: "operand size not specified". But thank you for your effort!

_________________
invoke Beer
Post 16 Jul 2018, 18:33
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 21:44
Okay, well then you need to add a dword override.
Code:
 ... dword[ecx+4*0] ...    
Post 16 Jul 2018, 21:44
View user's profile Send private message Visit poster's website Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 16 Jul 2018, 21:46
Thank you, that works (and it's sufficiently ugly). Smile
Post 16 Jul 2018, 21:46
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 16 Jul 2018, 21:48
You can get each parameter with [ecx+4*n], for n = 0,1,2,...
Post 16 Jul 2018, 21:48
View user's profile Send private message Visit poster's website Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 17 Jul 2018, 00:13
In theory... but how can I extract argc? Because something's not right here:

Code:
start:
  invoke GetCommandLineW 
  invoke CommandLineToArgvW, eax, argc 
  mov    [argv], eax ; we'll need that later

  ; Make sure we have 1 or more args:
  cmp    dword[argc], 1
  jbe    exit

  ; Init loop:
  mov    ecx, 1
  mov    eax, [argv]

@@:
  invoke MessageBoxW, NULL, dword[eax+4*ecx], 'TestDlg', MB_OK

  ; Repeat until ecx = argc-1:
  inc    ecx
  cmp    ecx, dword[argc]
  jb     @B  

exit:
  invoke ExitProcess, 0    


Now:

Code:
> foo.exe                # nothing happens - good!
> foo.exe quux           # a msgbox with "quux" opens - good!
> foo.exe quux quax      # a msgbox with "quux" opens, then the application exits.
> foo.exe quux quax quox # a msgbox with "quux" opens, then the application exits.    


Hum. Confused

According to my limited understanding, cmp ecx, dword[argc] should put the result of "1 < argc" into the active register and jb @B should jump back to @@ if it's smaller...?

(Sorry for being dumb. I promise to remember what I'll learn here!)
Post 17 Jul 2018, 00:13
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20339
Location: In your JS exploiting you and your system
revolution 17 Jul 2018, 01:00
ECX and EAX are not preserved by the API calls. You can use EDI, ESI or EBX
Post 17 Jul 2018, 01:00
View user's profile Send private message Visit poster's website Reply with quote
jazz



Joined: 16 Jul 2016
Posts: 61
jazz 17 Jul 2018, 01:04
Ouch. I thought that EAX to EDX would just be "variable box 1 to 4"... so I'll basically need to put argc, the counter and argv elsewhere?

Is there any idiot-friendly overview over which register can store what? Embarassed
Post 17 Jul 2018, 01:04
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 718
Ali.Z 17 Jul 2018, 04:02
https://en.wikipedia.org/wiki/X86_calling_conventions
fasm use stdcall by default (which personally i prefer)

nowadays every register can be used as general storage, even ebp but with exception for esp.
using stdcall (and some other calling conventions) eax, edx and ecx are caller saved (volatile), while rest are callee saved (non-volatile).

if you are looking for naming and meaning:
reg - usage = name ~ preservation

volatile caller saved
eax - general purpose = accumulator ~ volatile
(expect 99% of winapi calls return your value in this register)
ecx - general purpose = counter ~ volatile
edx - general purpose = data ~ volatile
(as a guy who reverse engineer, found 1-3 apis return some useful data in edx)

non-volatile callee saved
ebx - general purpose = base ~ non-volatile
ebp - general purpose / stackframe = base pointer ~ non-volatile
(used to save stackframe, in other words the callee can push and pop as many words and dwords in the stack and then the callee return stackframe to it previous state) (note that ENTER and LEAVE asm instructions can be used to preserve the stack)
Code:
example:
push ebp
mov ebp,esp
...
mov esp,ebp
pop ebp
ret ; no need to calculate bytes pushed to use RET 02, RET 04 or 08 ...    

esp - general purpose / stackpointer = stack pointer ~ non-volatile
(exception: you dont want to move a value into esp without saving it into another register (edi,esi,...) but in general you dont want to use esp as a register)
esi - general purpose = source index ~ non-volatile
(some asm instructions affect esi, string/character operations
edi - general purpose = destination index ~ non-volatile
(some asm ins ... same as esi)
Post 17 Jul 2018, 04:02
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.