flat assembler
Message board for the users of flat assembler.

Index > Compiler Internals > [req] rva enabled in ms coff

kempis 13 Oct 2008, 15:08
Hello...
First, I'm sorry for my English.

Code:
format MS COFF

section ".idata$4"
; the rva operand needs an RVA (DIR32NB) relocation in the object file
__imp__MessageBoxA@16 dd rva MessageBoxA%text-2

section ".idata$7"
MessageBoxA%text db "MessageBoxA",0

extrn __dll__user32
public __imp__MessageBoxA@16


I tried to make an import archive, but fasm disables rva expressions in the MS COFF format.
req: I suggest that fasm enable rva expressions in the MS COFF format.
revolution 13 Oct 2008, 15:27
I think that COFF format cannot support RVA because the linker won't know how to update the offset when it is linked?
kempis 13 Oct 2008, 17:06
RVA = VA - base address
Because the base address is known, the RVA must be known when linked
(just like plt/rva in the ELF format).
revolution 13 Oct 2008, 17:23
But how do you tell the linker that?
kempis 13 Oct 2008, 17:31
I have read the PE and MS COFF format documentation, and there is something that tells the linker. I think it's the type of address.
kempis 13 Oct 2008, 17:52
This is in the PE/COFF documentation:
Quote:

Constant                  Value   Description
IMAGE_REL_I386_ABSOLUTE   0x0000  This relocation is ignored.
IMAGE_REL_I386_DIR16      0x0001  Not supported.
IMAGE_REL_I386_REL16      0x0002  Not supported.
IMAGE_REL_I386_DIR32      0x0006  The target's 32-bit virtual address.
IMAGE_REL_I386_DIR32NB    0x0007  The target's 32-bit relative virtual address.
IMAGE_REL_I386_SEG12      0x0009  Not supported.
IMAGE_REL_I386_SECTION    0x000A  The 16-bit section index of the section containing the target. This is used to support debugging information.
IMAGE_REL_I386_SECREL     0x000B  The 32-bit offset of the target from the beginning of its section. This is used to support debugging information as well as static thread local storage.
IMAGE_REL_I386_REL32      0x0014  The 32-bit relative displacement to the target. This supports the x86 relative branch and call instructions.
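The relocation table quoted above is exactly what the linker consults, so the practical check for this request is to open the assembled .obj and see which relocation type the `rva` slot carries. The following parser is an added example for this thread, not code from the thread or from fasm's sources. It walks a COFF object's file header, section headers, relocations and symbol table and names each relocation type; `rva_relocations` picks out the "no base" ones (DIR32NB for i386, ADDR32NB for AMD64, both taken from the same PE/COFF specification table). Because the thread contains no real object file, the sample input is hand-constructed inline: one `.idata$4` section whose single dword carries a DIR32NB relocation against `MessageBoxA%text`, mirroring kempis's snippet; the symbol names and layout are assumptions, not fasm output.

```python
import struct

IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_FILE_MACHINE_AMD64 = 0x8664

# Relocation types from the PE/COFF specification (only the common ones are listed).
I386_REL_NAMES = {
    0x0000: "IMAGE_REL_I386_ABSOLUTE", 0x0006: "IMAGE_REL_I386_DIR32",
    0x0007: "IMAGE_REL_I386_DIR32NB", 0x000A: "IMAGE_REL_I386_SECTION",
    0x000B: "IMAGE_REL_I386_SECREL", 0x0014: "IMAGE_REL_I386_REL32",
}
AMD64_REL_NAMES = {
    0x0000: "IMAGE_REL_AMD64_ABSOLUTE", 0x0001: "IMAGE_REL_AMD64_ADDR64",
    0x0002: "IMAGE_REL_AMD64_ADDR32", 0x0003: "IMAGE_REL_AMD64_ADDR32NB",
    0x0004: "IMAGE_REL_AMD64_REL32", 0x000A: "IMAGE_REL_AMD64_SECTION",
    0x000B: "IMAGE_REL_AMD64_SECREL",
}
# The "NB" (no base) types are what an `rva` operand has to be emitted as.
RVA_REL_TYPES = {IMAGE_FILE_MACHINE_I386: 0x0007, IMAGE_FILE_MACHINE_AMD64: 0x0003}

FILE_HDR = "<HHIIIHH"         # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
                              # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
SECTION_HDR = "<8sIIIIIIHHI"  # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
                              # PointerToRelocations, PointerToLinenumbers, NumberOfRelocations,
                              # NumberOfLinenumbers, Characteristics
RELOCATION = "<IIH"           # VirtualAddress, SymbolTableIndex, Type
SYMBOL = "<IIIhHBB"           # Name as (0, string-table offset), Value, SectionNumber, Type,
                              # StorageClass, NumberOfAuxSymbols


def rel_type_name(machine, rel_type):
    names = I386_REL_NAMES if machine == IMAGE_FILE_MACHINE_I386 else AMD64_REL_NAMES
    return names.get(rel_type, "unknown(0x%04X)" % rel_type)


def parse_coff_relocations(data):
    """Return (machine, [(section, offset, symbol, type), ...]) for a COFF object."""
    machine, nsec, _, symtab_off, nsyms, opt_size, _ = struct.unpack_from(FILE_HDR, data, 0)
    # The string table immediately follows the symbol table; its first dword is its total size.
    strtab_off = symtab_off + nsyms * 18
    strtab_size = struct.unpack_from("<I", data, strtab_off)[0] if strtab_off + 4 <= len(data) else 0
    strtab = data[strtab_off:strtab_off + strtab_size]

    def symbol_name(index):
        off = symtab_off + index * 18
        raw = data[off:off + 8]
        if raw[:4] == b"\0\0\0\0":  # long name: dword offset into the string table
            so = struct.unpack_from("<I", raw, 4)[0]
            return strtab[so:strtab.index(b"\0", so)].decode()
        return raw.rstrip(b"\0").decode()

    relocs = []
    for s in range(nsec):
        hdr = 20 + opt_size + s * 40
        name, _, _, _, _, prel, _, nrel, _, _ = struct.unpack_from(SECTION_HDR, data, hdr)
        for r in range(nrel):
            va, symidx, rtype = struct.unpack_from(RELOCATION, data, prel + r * 10)
            relocs.append((name.rstrip(b"\0").decode(), va, symbol_name(symidx), rtype))
    return machine, relocs


def rva_relocations(data):
    """The check this thread is about: which relocations are RVA (no-base) relocations."""
    machine, relocs = parse_coff_relocations(data)
    return [r for r in relocs if r[3] == RVA_REL_TYPES.get(machine)]


def build_sample_coff():
    """Constructed sample (assumed layout, not fasm output): one '.idata$4' section whose
    single dd slot has a DIR32NB relocation against the undefined symbol 'MessageBoxA%text'."""
    raw = b"\0\0\0\0"                                   # the dd slot; the linker fills in the RVA
    reloc = struct.pack(RELOCATION, 0, 1, 0x0007)       # offset 0, symbol #1, IMAGE_REL_I386_DIR32NB
    names = [b"__imp__MessageBoxA@16", b"MessageBoxA%text"]
    body = b"".join(n + b"\0" for n in names)
    strtab = struct.pack("<I", 4 + len(body)) + body
    sym0 = struct.pack(SYMBOL, 0, 4, 0, 1, 0, 2, 0)                      # defined in section 1, external
    sym1 = struct.pack(SYMBOL, 0, 4 + len(names[0]) + 1, 0, 0, 0, 2, 0)  # undefined, external
    raw_off = 20 + 40
    reloc_off = raw_off + len(raw)
    symtab_off = reloc_off + len(reloc)
    header = struct.pack(FILE_HDR, IMAGE_FILE_MACHINE_I386, 1, 0, symtab_off, 2, 0, 0)
    section = struct.pack(SECTION_HDR, b".idata$4", 0, 0, len(raw), raw_off, reloc_off,
                          0, 1, 0, 0xC0300040)          # initialized data, read/write, align 4
    return header + section + raw + reloc + sym0 + sym1 + strtab


if __name__ == "__main__":
    obj = build_sample_coff()
    machine, relocs = parse_coff_relocations(obj)
    for sec, off, sym, rtype in relocs:
        print("%s+0x%X -> %s  %s" % (sec, off, sym, rel_type_name(machine, rtype)))
```

To run it against a real object, replace `build_sample_coff()` with the bytes of the .obj (for instance `open("test.obj", "rb").read()`): an `rva` slot that shows up as DIR32 instead of DIR32NB means the assembler emitted an absolute relocation, which is the failure this thread describes. Two caveats: sections flagged IMAGE_SCN_LNK_NRELOC_OVFL (more than 65535 relocations) keep the real count in the first relocation entry and are not handled, and the name tables deliberately list only the common relocation types.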
baldr 05 Nov 2008, 09:03
kempis,

I think it's about IMAGE_REL_I386_DIR32NB not supported by fasm COFF formatter, thus rva operator is allowed only in PE and ELF formats.

Nevertheless, you have sources…
Tomasz Grysztar 06 Nov 2008, 11:01
Yeah, sorry, that was just my laziness - I never thought someone would need to use the RVA operator in a COFF object.
baldr 06 Nov 2008, 17:29
Tomasz Grysztar,

Don't be sorry: we must be thankful that you release your sources, not only binaries. So if somebody needs some feature, he/she is free to modify the sources to achieve that goal. There ain't such a thing as a free lunch.
kempis 12 Nov 2008, 13:50
Thanks for all.
OK, it's difficult for me, but I will try to modify the source.
vid 12 Nov 2008, 22:48
no need to modify, it will come soon.
kempis 15 Nov 2008, 03:29
OK, thanks very much.

BTW, I've modified it...

EXPRESSI.INC
Code:
      calculate_rva:
        cmp     word [edi+8],0
        jne     invalid_expression
        cmp     [output_format],5
        je      calculate_gotoff
        cmp     [output_format],3
        ;jne     invalid_expression
        ;modified: formats other than PE (ELF was diverted above) go to the COFF handler instead of erroring
        jne     calculate_coff_rva
        ;/modified
        test    [format_flags],8
        jnz     pe64_rva
        mov     al,2
        bt      [resolver_flags],0
        jc      rva_type_ok
        xor     al,al
      rva_type_ok:
        cmp     byte [edi+12],al
        je      rva_ok
        cmp     [error_line],0
        jne     rva_ok
        mov     eax,[current_line]
        mov     [error_line],eax
        mov     [error],invalid_use_of_symbol
      rva_ok:
        mov     byte [edi+12],0
        mov     eax,[code_start]
        mov     eax,[eax+34h]
        cdq
        sub     [edi],eax
        sbb     [edi+4],edx
        add     edi,14h
        jmp     calculation_loop
      ;modified: only a value of type 2 may take rva; it becomes the new value type 9,
      ; which the COFF formatter (FORMATS.INC below) turns into a DIR32NB relocation
      calculate_coff_rva:
        mov     dl,9
        cmp     byte [edi+12],2
        jne     incorrect_change_of_value_type
        jmp     change_value_type
      ;/modified

Another piece of code in EXPRESSI.INC
Code:
      get_address_value:
        mov     [address_size],0
        mov     [value_size],8
      calculate_address:
        cmp     byte [esi],'.'
        je      invalid_address
        call    calculate_expression
        mov     eax,[edi+16]
        mov     [address_symbol],eax
        mov     al,[edi+12]
        mov     [value_type],al
        cmp     al,6
        je      plt_address
        ;modified: accept the new rva type 9 the same way as plt (type 6)
        cmp     al,9
        je      plt_address
        ;/modified
        cmp     al,5
        je      gotoff_address
        ja      invalid_use_of_symbol

FORMATS.INC
Code:
      mark_coff_relocation:
        cmp     [value_type],3
        je      coff_relocation_relative
        ;modified
        cmp     [value_type],9
        je      coff_relocation_rva
        ;/modified
        push    ebx eax
        test    [format_flags],8
        jnz     coff_64bit_relocation
        mov     al,6                    ; IMAGE_REL_I386_DIR32
        jmp     coff_relocation
        ;modified: rva value -> IMAGE_REL_I386_DIR32NB (0x0007); this path does not test
        ; format_flags for 64-bit output, where the no-base type is IMAGE_REL_AMD64_ADDR32NB (0x0003)
      coff_relocation_rva:
        push    ebx eax
        mov     al,7
        jmp     coff_relocation
        ;/modified

But I still wait for the new version...
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
