flat assembler
Message board for the users of flat assembler.
How to convert "mov fs:[0],esp" to FASM syntax?
sinsi 06 Feb 2009, 06:05
Code: mov [fs:0],esp
|
revolution 06 Feb 2009, 06:15
Also, this is allowed:
Code: fs mov [0],esp
And this:
Code: fs mov [0],esp
|
Azu 06 Feb 2009, 08:06
Thanks guys I'm almost done converting now I think
There is another thing I'm stuck on though.. if you could help me with this one too that would be great
"assume esi:ptr IMAGE_NT_HEADERS"
It won't compile at all.. tried changing it to "assume esi:IMAGE_NT_HEADERS" but still no go. I have the IMAGE_NT_HEADERS struct defined in an include so I'm not sure why it isn't working x_x any ideas? Is there a way to get this working easily or should I just look through the structs and try to do the offsets manually instead?
I'm almost to the end and think I'll have it done as soon as I get this last obstacle out of the way.. I don't see why it won't compile though.. It doesn't get hung up on the "assume esi:ptr EXCEPTION_RECORD,edi:ptr CONTEXT" near the start of the file, which looks to me like it would have more problem.. I'm really confused
And I tried replacing that line with it just to see if it would work, but it still gives "illegal instruction" compile error..
The line right after it is "mov esi,[esi].OptionalHeader.DataDirectory.VirtualAddress" if that matters (which I changed to mov esi,[esi.OptionalHeader.DataDirectory.VirtualAddress] btw)
Edit: never mind, the one at the top gives a compile error too. I thought FASM parsed files from the top to the bottom, but when I commented out the stuff at the bottom it's giving errors on the assume at the top now. Damn. Is the whole "assume" directive just nonexistent in FASM?
I tried commenting out all the assumes but now I get an error on "pop [edi.regEbp]" saying undefined symbol
Last edited by Azu on 06 Feb 2009, 08:19; edited 2 times in total
|
revolution 06 Feb 2009, 08:14
If you are not using the MASM macros then you can't use assume.
Try this:
Code: mov esi,[esi+IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.VirtualAddress]
|
Azu 06 Feb 2009, 08:29
Thanks.. I'm having a problem with one of the structs, now. Hopefully this will be the last one...
This "Fpr0 double ?" gives illegal instruction
Did I convert it wrong or is it just impossible to use the "double" type in FASM? It was originally "double Fpr0;" from msdn
This is getting frustrating lol..
P.S. tried changing it to dfloat, too
|
MazeGen 06 Feb 2009, 09:13
Azu wrote:
The fastest way to get most of the answers is to read the docs: http://flatassembler.net/docs.php?article=manual#1.2.2
|
revolution 06 Feb 2009, 09:40
double is the same as dq and rq.
Code: MyFloat dq 1.2345678901234
MyOtherFloat dq ?
|
Azu 06 Feb 2009, 18:57
Thanks again guys. I still can't get it to compile though
Now these aren't compiling
Code:
SIZE_OF_80387_REGISTERS equ 80
struct FLOATING_SAVE_AREA
ControlWord dd ?
StatusWord dd ?
TagWord dd ?
ErrorOffset dd ?
ErrorSelector dd ?
DataOffset dd ?
DataSelector dd ?
RegisterArea rb SIZE_OF_80387_REGISTERS
Cr0NpxStatedd dd ?
ends
MAXIMUM_SUPPORTED_EXTENSION equ 512
struct CONTEXT
ContextFlags DW ?
iDr0 DW ?
iDr1 DW ?
iDr2 DW ?
iDr3 DW ?
iDr6 DW ?
iDr7 DW ?
FloatSave FLOATING_SAVE_AREA
regGs DW ?
regFs DW ?
regEs DW ?
regDs DW ?
regEdi DW ?
regEsi DW ?
regEbx DW ?
regEdx DW ?
regEcx DW ?
regEax DW ?
regEbp DW ?
regEip DW ?
regCs DW ?
regFlag DW ?
regEsp DW ?
regSs DW ?
Extendedregisters DB MAXIMUM_SUPPORTED_EXTENSION DUP (?)
ends
On the last ends it says "Error: definition of CONTEXT contains illegal instructions."
If I comment out the "FloatSave FLOATING_SAVE_AREA" part then it gets past that but then it gets stuck on this "pop[edi+CONTEXT.regEbp]" and says "Error: undefined symbol 'CONTEXT.regEbp'."
I can't find anything in the docs about why this shouldn't be working, sorry..
I also tried putting this struct as
Code:
struct CONTEXT
ContextFlags DW ?
iDr0 DW ?
iDr1 DW ?
iDr2 DW ?
iDr3 DW ?
iDr6 DW ?
iDr7 DW ?
FloatSave
ControlWord dd ?
StatusWord dd ?
TagWord dd ?
ErrorOffset dd ?
ErrorSelector dd ?
DataOffset dd ?
DataSelector dd ?
RegisterArea rb SIZE_OF_80387_REGISTERS
Cr0NpxStatedd dd ?
ends
regGs DW ?
regFs DW ?
regEs DW ?
regDs DW ?
regEdi DW ?
regEsi DW ?
regEbx DW ?
regEdx DW ?
regEcx DW ?
regEax DW ?
regEbp DW ?
regEip DW ?
regCs DW ?
regFlag DW ?
regEsp DW ?
regSs DW ?
Extendedregisters DB MAXIMUM_SUPPORTED_EXTENSION DUP (?)
ends
but it says illegal instructions on " FloatSave"
I don't understand why this is since I used exactly the same syntax as this struct (which doesn't error)
Code:
struct IMAGE_IMPORT_DESCRIPTOR
union
Characteristics dd ?
OriginalFirstThunk dd ?
ends
TimeDateStamp dd ?
ForwarderChain dd ?
Name dd ?
FirstThunk dd ?
ends
Please help, the tiny "structures" section in the docs doesn't help at all..
|
revolution 07 Feb 2009, 00:37
Can you please show some minimal code that gives the error. There may be some interaction with other parts of your code. By this I mean not just the snippets you posted above, but one small asm file with the includes and other things all intact.
BTW: Why do you have DW in your structure for 32-bit registers?
|
Azu 07 Feb 2009, 00:57
I'm not sure why it's a DW, sorry. I am just finding the structs on Google and trying to convert them to FASM syntax. It was a DW to begin with so I left it as a DW.
Here's the original file I'm trying to include and get to compile
Code:
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Common module: _GetKernel.asm
; When the program is called, the stack holds an address used by Ret that points into Kernel32.dll;
; scan memory from it to obtain the base address of Kernel32.dll
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;
;
;
;
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Error handler
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_SEHHandler proc _lpExceptionRecord,_lpSEH,_lpContext,_lpDispatcherContext
pushad
mov esi,_lpExceptionRecord
mov edi,_lpContext
assume esi:ptr EXCEPTION_RECORD,edi:ptr CONTEXT
mov eax,_lpSEH
push [eax + 0ch]
pop [edi].regEbp
push [eax + 8]
pop [edi].regEip
push eax
pop [edi].regEsp
assume esi:nothing,edi:nothing
popad
mov eax,ExceptionContinueExecution
ret
_SEHHandler endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Scan memory for the base address of Kernel32.dll
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_GetKernelBase proc _dwKernelRet
local @dwReturn
pushad
mov @dwReturn,0
;********************************************************************
; Relocation
;********************************************************************
call @F
@@:
pop ebx
sub ebx,offset @B
;********************************************************************
; Create the SEH structure used for error handling
;********************************************************************
assume fs:nothing
push ebp
lea eax,[ebx + offset _PageError]
push eax
lea eax,[ebx + offset _SEHHandler]
push eax
push fs:[0]
mov fs:[0],esp
;********************************************************************
; Find the base address of Kernel32.dll
;********************************************************************
mov edi,_dwKernelRet
and edi,0ffff0000h
.while TRUE
.if word ptr [edi] == IMAGE_DOS_SIGNATURE
mov esi,edi
add esi,[esi+003ch]
.if word ptr [esi] == IMAGE_NT_SIGNATURE
mov @dwReturn,edi
.break
.endif
.endif
_PageError:
sub edi,010000h
.break .if edi < 070000000h
.endw
pop fs:[0]
add esp,0ch
popad
mov eax,@dwReturn
ret
_GetKernelBase endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Get the entry address of an API from the export table of a module in memory
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_GetApi proc _hModule,_lpszApi
local @dwReturn,@dwStringLength
pushad
mov @dwReturn,0
;********************************************************************
; Relocation
;********************************************************************
call @F
@@:
pop ebx
sub ebx,offset @B
;********************************************************************
; Create the SEH structure used for error handling
;********************************************************************
assume fs:nothing
push ebp
lea eax,[ebx + offset _Error]
push eax
lea eax,[ebx + offset _SEHHandler]
push eax
push fs:[0]
mov fs:[0],esp
;********************************************************************
; Compute the length of the API string (including the trailing 0)
;********************************************************************
mov edi,_lpszApi
mov ecx,-1
xor al,al
cld
repnz scasb
mov ecx,edi
sub ecx,_lpszApi
mov @dwStringLength,ecx
;********************************************************************
; Get the export table address from the data directory of the PE file header
;********************************************************************
mov esi,_hModule
add esi,[esi + 3ch]
assume esi:ptr IMAGE_NT_HEADERS
mov esi,[esi].OptionalHeader.DataDirectory.VirtualAddress
add esi,_hModule
assume esi:ptr IMAGE_EXPORT_DIRECTORY
;********************************************************************
; Find the exported function name that matches
;********************************************************************
mov ebx,[esi].AddressOfNames
add ebx,_hModule
xor edx,edx
.repeat
push esi
mov edi,[ebx]
add edi,_hModule
mov esi,_lpszApi
mov ecx,@dwStringLength
repz cmpsb
.if ZERO?
pop esi
jmp @F
.endif
pop esi
add ebx,4
inc edx
.until edx >= [esi].NumberOfNames
jmp _Error
@@:
;********************************************************************
; API name index --> ordinal index --> address index
;********************************************************************
sub ebx,[esi].AddressOfNames
sub ebx,_hModule
shr ebx,1
add ebx,[esi].AddressOfNameOrdinals
add ebx,_hModule
movzx eax,word ptr [ebx]
shl eax,2
add eax,[esi].AddressOfFunctions
add eax,_hModule
;********************************************************************
; Get the exported function address from the address table
;********************************************************************
mov eax,[eax]
add eax,_hModule
mov @dwReturn,eax
_Error:
pop fs:[0]
add esp,0ch
assume esi:nothing
popad
mov eax,@dwReturn
ret
_GetApi endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
And here's how I've changed it so far to try to get it to compile
Code:
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Common module: _GetKernel.asm
; When the program is called, the stack holds an address used by Ret that points into Kernel32.dll;
; scan memory from it to obtain the base address of Kernel32.dll
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;
;
;
;
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Error handler
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include 'PeStructs.inc'
proc _SEHHandler _lpExceptionRecord,_lpSEH,_lpContext,_lpDispatcherContext
pushad
mov esi,[_lpExceptionRecord]
mov edi,[_lpContext]
; assume esi:ptr EXCEPTION_RECORD,edi:ptr CONTEXT
; assume edi:CONTEXT
mov eax,[_lpSEH]
push dword [eax + 0ch]
pop [edi+CONTEXT.regEbp]
push [eax + 8]
pop [edi.regEip]
push eax
pop [edi.regEsp]
; assume esi:nothing,edi:nothing
popad
mov eax,ExceptionContinueExecution
ret
;_SEHHandler endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Scan memory for the base address of Kernel32.dll
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
proc _GetKernelBase _dwKernelRet
local dd @dwReturn
pushad
mov [@dwReturn],0
;********************************************************************
; Relocation
;********************************************************************
call @F
@@:
pop ebx
sub ebx,@B
;********************************************************************
; Create the SEH structure used for error handling
;********************************************************************
; assume fs:nothing
push ebp
lea eax,[ebx + _PageError]
push eax
lea eax,[ebx + _SEHHandler]
push eax
push [fs:0]
mov [fs:0],esp
;********************************************************************
; Find the base address of Kernel32.dll
;********************************************************************
mov edi,[_dwKernelRet]
and edi,0ffff0000h
.while TRUE
; .if word ptr [edi] == IMAGE_DOS_SIGNATURE
.if word [edi] = IMAGE_DOS_SIGNATURE
mov esi,edi
add esi,[esi+003ch]
; .if word ptr [esi] == IMAGE_NT_SIGNATURE
.if word [esi] = IMAGE_NT_SIGNATURE
mov [dwReturn],edi
; .break
jmp @f
.endif
.endif
_PageError:
sub edi,010000h
; .break .if edi < 070000000h
.if edi < 070000000h
jmp @f
.endif
.endw
@@:
pop [fs:0];fs:[0]
add esp,0ch
popad
mov eax,@dwReturn
ret
;_GetKernelBase endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Get the entry address of an API from the export table of a module in memory
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
proc _GetApi _hModule,_lpszApi
local dd @dwReturn, dd @dwStringLength
pushad
mov [@dwReturn],0
;********************************************************************
; Relocation
;********************************************************************
call @F
@@:
pop ebx
sub ebx,@B
;********************************************************************
; Create the SEH structure used for error handling
;********************************************************************
; assume fs:nothing
push ebp
lea eax,[ebx + _Error]
push eax
lea eax,[ebx + _SEHHandler]
push eax
push [fs:0];fs:[0]
mov [fs:0],esp
;********************************************************************
; Compute the length of the API string (including the trailing 0)
;********************************************************************
mov edi,[_lpszApi]
mov ecx,-1
xor al,al
cld
repnz scasb
mov ecx,edi
sub ecx,[_lpszApi]
mov [@dwStringLength],ecx
;********************************************************************
; Get the export table address from the data directory of the PE file header
;********************************************************************
mov esi,[_hModule]
add esi,[esi + 3ch]
; assume esi:ptr IMAGE_NT_HEADERS
; mov esi,[esi].OptionalHeader.DataDirectory.VirtualAddress
mov esi,[esi.OptionalHeader.DataDirectory.VirtualAddress]
add esi,[_hModule]
; assume esi:ptr IMAGE_EXPORT_DIRECTORY
;********************************************************************
; Find the exported function name that matches
;********************************************************************
mov ebx,[esi.AddressOfNames]
add ebx,[_hModule]
xor edx,edx
.repeat
push esi
mov edi,[ebx]
add edi,[_hModule]
mov esi,[_lpszApi]
mov ecx,@dwStringLength
repz cmpsb
.if ZERO?
pop esi
jmp @F
.endif
pop esi
add ebx,4
inc edx
.until edx >= [esi.NumberOfNames]
jmp _Error
@@:
;********************************************************************
; API name index --> ordinal index --> address index
;********************************************************************
sub ebx,[esi.AddressOfNames]
sub ebx,[_hModule]
shr ebx,1
add ebx,[esi.AddressOfNameOrdinals]
add ebx,[_hModule]
movzx eax,word [ebx];word ptr [ebx]
shl eax,2
add eax,[esi.AddressOfFunctions]
add eax,[_hModule]
;********************************************************************
; Get the exported function address from the address table
;********************************************************************
mov eax,[eax]
add eax,[_hModule]
mov [@dwReturn],eax
_Error:
pop [fs:0]
add esp,0ch
; assume esi:nothing
popad
mov eax,[@dwReturn]
ret
;_GetApi endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
P.S.
here's the struct file I've made for it
Code:
;#define IMAGE_DOS_SIGNATURE 0x5A4D // MZ
;#define IMAGE_OS2_SIGNATURE 0x454E // NE
;#define IMAGE_OS2_SIGNATURE_LE 0x454C // LE
;#define IMAGE_VXD_SIGNATURE 0x454C // LE
;#define IMAGE_NT_SIGNATURE 0x00004550 // PE00
IMAGE_DOS_SIGNATURE = 0x5A4D
IMAGE_OS2_SIGNATURE = 0x454E
IMAGE_OS2_SIGNATURE_LE = 0x454C
IMAGE_VXD_SIGNATURE = 0x454C
IMAGE_NT_SIGNATURE = 0x00004550
;typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header
; WORD e_magic; // Magic number
; WORD e_cblp; // Bytes on last page of file
; WORD e_cp; // Pages in file
; WORD e_crlc; // Relocations
; WORD e_cparhdr; // Size of header in paragraphs
; WORD e_minalloc; // Minimum extra paragraphs needed
; WORD e_maxalloc; // Maximum extra paragraphs needed
; WORD e_ss; // Initial (relative) SS value
; WORD e_sp; // Initial SP value
; WORD e_csum; // Checksum
; WORD e_ip; // Initial IP value
; WORD e_cs; // Initial (relative) CS value
; WORD e_lfarlc; // File address of relocation table
; WORD e_ovno; // Overlay number
; WORD e_res[4]; // Reserved words
; WORD e_oemid; // OEM identifier (for e_oeminfo)
; WORD e_oeminfo; // OEM information; e_oemid specific
; WORD e_res2[10]; // Reserved words
; LONG e_lfanew; // File address of new exe header
; } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
struct IMAGE_DOS_HEADER
e_magic dw ?
e_cblp dw ?
e_cp dw ?
e_crlc dw ?
e_cparhdr dw ?
e_minalloc dw ?
e_maxalloc dw ?
e_ss dw ?
e_sp dw ?
e_csum dw ?
e_ip dw ?
e_cs dw ?
e_lfarlc dw ?
e_ovno dw ?
e_res dw 4 dup (?)
e_oemid dw ?
e_oeminfo dw ?
e_res2 dw 10 dup (?)
e_lfanew dd ?
ends
;typedef struct _IMAGE_FILE_HEADER {
; WORD Machine;
; WORD NumberOfSections;
; DWORD TimeDateStamp;
; DWORD PointerToSymbolTable;
; DWORD NumberOfSymbols;
; WORD SizeOfOptionalHeader;
; WORD Characteristics;
;} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
struct IMAGE_FILE_HEADER
Machine dw ?
NumberOfSections dw ?
TimeDateStamp dd ?
PointerToSymbolTable dd ?
NumberOfSymbols dd ?
SizeOfOptionalHeader dw ?
Characteristics dw ?
ends
;#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
IMAGE_NUMBEROF_DIRECTORY_ENTRIES = 16
;typedef struct _IMAGE_DATA_DIRECTORY {
; DWORD VirtualAddress;
; DWORD Size;
;} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
struct IMAGE_DATA_DIRECTORY
VirtualAddress dd ?
Size dd ?
ends
;typedef struct _IMAGE_OPTIONAL_HEADER {
; //
; // Standard fields.
; //
;
; WORD Magic;
; BYTE MajorLinkerVersion;
; BYTE MinorLinkerVersion;
; DWORD SizeOfCode;
; DWORD SizeOfInitializedData;
; DWORD SizeOfUninitializedData;
; DWORD AddressOfEntryPoint;
; DWORD BaseOfCode;
; DWORD BaseOfData;
;
; //
; // NT additional fields.
; //
;
; DWORD ImageBase;
; DWORD SectionAlignment;
; DWORD FileAlignment;
; WORD MajorOperatingSystemVersion;
; WORD MinorOperatingSystemVersion;
; WORD MajorImageVersion;
; WORD MinorImageVersion;
; WORD MajorSubsystemVersion;
; WORD MinorSubsystemVersion;
; DWORD Win32VersionValue;
; DWORD SizeOfImage;
; DWORD SizeOfHeaders;
; DWORD CheckSum;
; WORD Subsystem;
; WORD DllCharacteristics;
; DWORD SizeOfStackReserve;
; DWORD SizeOfStackCommit;
; DWORD SizeOfHeapReserve;
; DWORD SizeOfHeapCommit;
; DWORD LoaderFlags;
; DWORD NumberOfRvaAndSizes;
; IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
;} IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32;
struct IMAGE_OPTIONAL_HEADER32
;Standard fields.
Magic dw ?
MajorLinkerVersion db ?
MinorLinkerVersion db ?
SizeOfCode dd ?
SizeOfInitializedData dd ?
SizeOfUninitializedData dd ?
AddressOfEntryPoint dd ?
BaseOfCode dd ?
BaseOfData dd ?
;NT additional fields.
ImageBase dd ?
SectionAlignment dd ?
FileAlignment dd ?
MajorOperatingSystemVersion dw ?
MinorOperatingSystemVersion dw ?
MajorImageVersion dw ?
MinorImageVersion dw ?
MajorSubsystemVersion dw ?
MinorSubsystemVersion dw ?
Win32VersionValue dd ?
SizeOfImage dd ?
SizeOfHeaders dd ?
CheckSum dd ?
Subsystem dw ?
DllCharacteristics dw ?
SizeOfStackReserve dd ?
SizeOfStackCommit dd ?
SizeOfHeapReserve dd ?
SizeOfHeapCommit dd ?
LoaderFlags dd ?
NumberOfRvaAndSizes dd ?
DataDirectory IMAGE_DATA_DIRECTORY; IMAGE_NUMBEROF_DIRECTORY_ENTRIES dup (?)
rb sizeof.IMAGE_DATA_DIRECTORY * (IMAGE_NUMBEROF_DIRECTORY_ENTRIES -1)
ends
;typedef struct _IMAGE_NT_HEADERS {
; DWORD Signature;
; IMAGE_FILE_HEADER FileHeader;
; IMAGE_OPTIONAL_HEADER32 OptionalHeader;
;} IMAGE_NT_HEADERS32, *PIMAGE_NT_HEADERS32;
struct IMAGE_NT_HEADERS32
Signature dd ?
FileHeader IMAGE_FILE_HEADER
OptionalHeader IMAGE_OPTIONAL_HEADER32
ends
struct IMAGE_NT_HEADERS
Signature dd ?
FileHeader IMAGE_FILE_HEADER
OptionalHeader IMAGE_OPTIONAL_HEADER32
ends
SIZE_OF_80387_REGISTERS equ 80
;struct FLOATING_SAVE_AREA
; ControlWord dd ?
; StatusWord dd ?
; TagWord dd ?
; ErrorOffset dd ?
; ErrorSelector dd ?
; DataOffset dd ?
; DataSelector dd ?
; RegisterArea rb SIZE_OF_80387_REGISTERS
; Cr0NpxStatedd dd ?
ends
MAXIMUM_SUPPORTED_EXTENSION equ 512
struct CONTEXT
ContextFlags DW ?
iDr0 DW ?
iDr1 DW ?
iDr2 DW ?
iDr3 DW ?
iDr6 DW ?
iDr7 DW ?
; FloatSave FLOATING_SAVE_AREA
FloatSave
ControlWord dd ?
StatusWord dd ?
TagWord dd ?
ErrorOffset dd ?
ErrorSelector dd ?
DataOffset dd ?
DataSelector dd ?
RegisterArea rb SIZE_OF_80387_REGISTERS
Cr0NpxStatedd dd ?
ends
regGs DW ?
regFs DW ?
regEs DW ?
regDs DW ?
regEdi DW ?
regEsi DW ?
regEbx DW ?
regEdx DW ?
regEcx DW ?
regEax DW ?
regEbp DW ?
regEip DW ?
regCs DW ?
regFlag DW ?
regEsp DW ?
regSs DW ?
Extendedregisters DB MAXIMUM_SUPPORTED_EXTENSION DUP (?)
ends
;struct CONTEXT
;Fpr0 dq ?
;Fpr1 dq ?
;Fpr2 dq ?
;Fpr3 dq ?
;Fpr4 dq ?
;Fpr5 dq ?
;Fpr6 dq ?
;Fpr7 dq ?
;Fpr8 dq ?
;Fpr9 dq ?
;Fpr10 dq ?
;Fpr11 dq ?
;Fpr12 dq ?
;Fpr13 dq ?
;Fpr14 dq ?
;Fpr15 dq ?
;Fpr16 dq ?
;Fpr17 dq ?
;Fpr18 dq ?
;Fpr19 dq ?
;Fpr20 dq ?
;Fpr21 dq ?
;Fpr22 dq ?
;Fpr23 dq ?
;Fpr24 dq ?
;Fpr25 dq ?
;Fpr26 dq ?
;Fpr27 dq ?
;Fpr28 dq ?
;Fpr29 dq ?
;Fpr30 dq ?
;Fpr31 dq ?
;Fpscr dq ?
;Gpr0 dw ?
;Gpr1 dw ?
;Gpr2 dw ?
;Gpr3 dw ?
;Gpr4 dw ?
;Gpr5 dw ?
;Gpr6 dw ?
;Gpr7 dw ?
;Gpr8 dw ?
;Gpr9 dw ?
;Gpr10 dw ?
;Gpr11 dw ?
;Gpr12 dw ?
;Gpr13 dw ?
;Gpr14 dw ?
;Gpr15 dw ?
;Gpr16 dw ?
;Gpr17 dw ?
;Gpr18 dw ?
;Gpr19 dw ?
;Gpr20 dw ?
;Gpr21 dw ?
;Gpr22 dw ?
;Gpr23 dw ?
;Gpr24 dw ?
;Gpr25 dw ?
;Gpr26 dw ?
;Gpr27 dw ?
;Gpr28 dw ?
;Gpr29 dw ?
;Gpr30 dw ?
;Gpr31 dw ?
;Cr dw ?
;Xer dw ?
;Msr dw ?
;Iar dw ?
;Lr dw ?
;Ctr dw ?
;ContextFlags dw ?
;Fill dw 3 dup ?
;Dr0 dw ?
;Dr1 dw ?
;Dr2 dw ?
;Dr3 dw ?
;Dr4 dw ?
;Dr5 dw ?
;Dr6 dw ?
;Dr7 dw ?
;ends
;#define IMAGE_SIZEOF_SHORT_NAME 8
IMAGE_SIZEOF_SHORT_NAME = 8
;typedef struct _IMAGE_SECTION_HEADER {
; BYTE Name[IMAGE_SIZEOF_SHORT_NAME];
; union {
; DWORD PhysicalAddress;
; DWORD VirtualSize;
; } Misc;
; DWORD VirtualAddress;
; DWORD SizeOfRawData;
; DWORD PointerToRawData;
; DWORD PointerToRelocations;
; DWORD PointerToLinenumbers;
; WORD NumberOfRelocations;
; WORD NumberOfLinenumbers;
; DWORD Characteristics;
;} IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER;
struct IMAGE_SECTION_HEADER
Name db IMAGE_SIZEOF_SHORT_NAME dup (?)
union
PhysicalAddress dd ?
VirtualSize dd ?
ends
VirtualAddress dd ?
SizeOfRawData dd ?
PointerToRawData dd ?
PointerToRelocations dd ?
PointerToLinenumbers dd ?
NumberOfRelocations dw ?
NumberOfLinenumbers dw ?
Characteristics dd ?
ends
;typedef struct _IMAGE_IMPORT_DESCRIPTOR {
; union {
; DWORD Characteristics; // 0 for terminating null import descriptor
; DWORD OriginalFirstThunk; // RVA to original unbound IAT (PIMAGE_THUNK_DATA)
; };
; DWORD TimeDateStamp; // 0 if not bound,
; // -1 if bound, and real date\time stamp
; // in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND)
; // O.W. date/time stamp of DLL bound to (Old BIND)
;
; DWORD ForwarderChain; // -1 if no forwarders
; DWORD Name;
; DWORD FirstThunk; // RVA to IAT (if bound this IAT has actual addresses)
;} IMAGE_IMPORT_DESCRIPTOR;
;typedef IMAGE_IMPORT_DESCRIPTOR UNALIGNED *PIMAGE_IMPORT_DESCRIPTOR;
struct IMAGE_IMPORT_DESCRIPTOR
union
Characteristics dd ?
OriginalFirstThunk dd ?
ends
TimeDateStamp dd ?
ForwarderChain dd ?
Name dd ?
FirstThunk dd ?
ends
;typedef struct _IMAGE_IMPORT_BY_NAME {
; WORD Hint;
; BYTE Name[1];
;} IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME;
struct IMAGE_IMPORT_BY_NAME
Hint dw ?
Name db 1 dup (?)
ends
;typedef struct _IMAGE_THUNK_DATA32 {
; union {
; DWORD ForwarderString; // PBYTE
; DWORD Function; // PDWORD
; DWORD Ordinal;
; DWORD AddressOfData; // PIMAGE_IMPORT_BY_NAME
; } u1;
;} IMAGE_THUNK_DATA32;
struct IMAGE_THUNK_DATA32
union
ForwarderString dd ?
Function dd ?
Ordinal dd ?
AddressOfData dd ?
ends
ends
;#define IMAGE_ORDINAL_FLAG32 0x80000000
IMAGE_ORDINAL_FLAG32 = 0x80000000
IMAGE_SCN_TYPE_REG = 0x00000000 ;Reserved.
IMAGE_SCN_TYPE_DSECT = 0x00000001 ;Reserved.
IMAGE_SCN_TYPE_NOLOAD = 0x00000002 ;Reserved.
IMAGE_SCN_TYPE_GROUP = 0x00000004 ;Reserved.
IMAGE_SCN_TYPE_NO_PAD = 0x00000008 ;Reserved.
IMAGE_SCN_TYPE_COPY = 0x00000010 ;Reserved.
IMAGE_SCN_CNT_CODE = 0x00000020 ;Section contains executable code.
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040 ;Section contains initialized data.
IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080 ;Section contains uninitialized data.
IMAGE_SCN_LNK_OTHER = 0x00000100 ;Reserved.
IMAGE_SCN_LNK_INFO = 0x00000200 ;Reserved.
IMAGE_SCN_TYPE_OVER = 0x00000400 ;Reserved.
IMAGE_SCN_LNK_COMDAT = 0x00001000 ;Section contains COMDAT data.
IMAGE_SCN_MEM_FARDATA = 0x00008000 ;Reserved.
IMAGE_SCN_MEM_PURGEABLE = 0x00020000 ;Reserved.
IMAGE_SCN_MEM_16BIT = 0x00020000 ;Reserved.
IMAGE_SCN_MEM_LOCKED = 0x00040000 ;Reserved.
IMAGE_SCN_MEM_PRELOAD = 0x00080000 ;Reserved.
IMAGE_SCN_ALIGN_1BYTES = 0x00100000 ;Align data on a 1-byte boundary.
IMAGE_SCN_ALIGN_2BYTES = 0x00200000 ;Align data on a 2-byte boundary.
IMAGE_SCN_ALIGN_4BYTES = 0x00300000 ;Align data on a 4-byte boundary.
IMAGE_SCN_ALIGN_8BYTES = 0x00400000 ;Align data on a 8-byte boundary.
IMAGE_SCN_ALIGN_16BYTES = 0x00500000 ;Align data on a 16-byte boundary.
IMAGE_SCN_ALIGN_32BYTES = 0x00600000 ;Align data on a 32-byte boundary.
IMAGE_SCN_ALIGN_64BYTES = 0x00700000 ;Align data on a 64-byte boundary.
IMAGE_SCN_ALIGN_128BYTES = 0x00800000 ;Align data on a 128-byte boundary.
IMAGE_SCN_ALIGN_256BYTES = 0x00900000 ;Align data on a 256-byte boundary.
IMAGE_SCN_ALIGN_512BYTES = 0x00A00000 ;Align data on a 512-byte boundary.
IMAGE_SCN_ALIGN_1024BYTES = 0x00B00000 ;Align data on a 1024-byte boundary.
IMAGE_SCN_ALIGN_2048BYTES = 0x00C00000 ;Align data on a 2048-byte boundary.
IMAGE_SCN_ALIGN_4096BYTES = 0x00D00000 ;Align data on a 4096-byte boundary.
IMAGE_SCN_ALIGN_8192BYTES = 0x00E00000 ;Align data on a 8192-byte boundary.
IMAGE_SCN_LNK_NRELOC_OVFL = 0x01000000 ;Section contains extended relocations.
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000 ;Section can be discarded as needed.
IMAGE_SCN_MEM_NOT_CACHED = 0x04000000 ;Section cannot be cached.
IMAGE_SCN_MEM_NOT_PAGED = 0x08000000 ;Section cannot be paged.
IMAGE_SCN_MEM_SHARED = 0x10000000 ;Section can be shared in memory.
IMAGE_SCN_MEM_EXECUTE = 0x20000000 ;Section can be executed as code.
IMAGE_SCN_MEM_READ = 0x40000000 ;Section can be read.
IMAGE_SCN_MEM_WRITE = 0x80000000 ;Section can be written to.
|
revolution 07 Feb 2009, 01:06
Azu: Please don't just post the MASM file, post the fasm file that you made that shows the error you mention above. Even better if you can make it minimal. That way will give you the best chance that someone can help you to fix it.
|
Azu 07 Feb 2009, 01:10
I don't know what ASM it is, sorry. I just thought you wanted the file. So I posted the original one and the one I partially converted to FASM, and the structs file I made for it. Did you mean something else?
The only other file is this
Code:
use32
format PE GUI 4.0
include 'J:\fasmw16727\INCLUDE\win32ax.inc'
include '_GetKernel.asm'
section '.text' code readable executable
ret
My attempt to get the files I listed above included and compiling.
|
revolution 07 Feb 2009, 01:25
Yes, now we have a complete fasm source file. By ASM I just meant the file with the .asm extension.
Last edited by revolution on 07 Feb 2009, 03:29; edited 1 time in total
|
revolution 07 Feb 2009, 01:52
Oh shucks, I just realised as I got out the door that you are using UPPERCASE for DW and DD etc. The struct macro only supports lower case. Change them all to lower case.
|
Azu 07 Feb 2009, 01:56
Thanks!
It still errors out in the same places though x_x Is there something else I have to do besides saving the file and restarting FASMW.exe?
BTW this compiles and runs without error
Code:
include 'J:\fasmw16727\INCLUDE\win32ax.inc'
struct foo
bar DD ?
ends
ret
|
revolution 07 Feb 2009, 03:17
I changed just this part only and it compiled fine for me:
Code:
SIZE_OF_80387_REGISTERS = 80
struct FLOATING_SAVE_AREA
ControlWord dd ?
StatusWord dd ?
TagWord dd ?
ErrorOffset dd ?
ErrorSelector dd ?
DataOffset dd ?
DataSelector dd ?
RegisterArea rb SIZE_OF_80387_REGISTERS
Cr0NpxStatedd dd ?
ends
MAXIMUM_SUPPORTED_EXTENSION = 512
struct CONTEXT
ContextFlags dd ?
iDr0 dd ?
iDr1 dd ?
iDr2 dd ?
iDr3 dd ?
iDr6 dd ?
iDr7 dd ?
FloatSave FLOATING_SAVE_AREA
regGs dd ?
regFs dd ?
regEs dd ?
regDs dd ?
regEdi dd ?
regEsi dd ?
regEbx dd ?
regEdx dd ?
regEcx dd ?
regEax dd ?
regEbp dd ?
regEip dd ?
regCs dd ?
regFlag dd ?
regEsp dd ?
regSs dd ?
Extendedregisters rb MAXIMUM_SUPPORTED_EXTENSION
ends
|
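The field widths discussed above decide where the SEH handler's writes to regEbp, regEip and regEsp land inside the CONTEXT record. The following is an added example, not code from the thread or from fasm: a small Python layout calculator run over the struct as first posted (DW fields) and as corrected (dd fields). The parser, its function names and the decision to ignore directive case (so the posted text can be measured even though the struct macro rejects it) are assumptions made for this illustration.

```python
# Added example: offsets implied by the two CONTEXT definitions in the thread.
# The mini-parser below is written for this page only; it is not a fasm tool
# and it handles just the directives these structs use.

DATA_SIZES = {"db": 1, "dw": 2, "dd": 4, "dq": 8}

# FLOATING_SAVE_AREA as posted in the thread (same in both versions).
FLOAT_SAVE = """\
SIZE_OF_80387_REGISTERS = 80
struct FLOATING_SAVE_AREA
ControlWord dd ?
StatusWord dd ?
TagWord dd ?
ErrorOffset dd ?
ErrorSelector dd ?
DataOffset dd ?
DataSelector dd ?
RegisterArea rb SIZE_OF_80387_REGISTERS
Cr0NpxStatedd dd ?
ends
MAXIMUM_SUPPORTED_EXTENSION = 512
"""
DEBUG_FIELDS = "ContextFlags iDr0 iDr1 iDr2 iDr3 iDr6 iDr7".split()
REG_FIELDS = ("regGs regFs regEs regDs regEdi regEsi regEbx regEdx regEcx "
              "regEax regEbp regEip regCs regFlag regEsp regSs").split()


def context_source(width, tail):
    """Rebuild the thread's CONTEXT text with the given field directive."""
    lines = ["struct CONTEXT"]
    lines += [f"{name} {width} ?" for name in DEBUG_FIELDS]
    lines.append("FloatSave FLOATING_SAVE_AREA")
    lines += [f"{name} {width} ?" for name in REG_FIELDS]
    lines += [f"Extendedregisters {tail}", "ends"]
    return FLOAT_SAVE + "\n".join(lines)


POSTED = context_source("DW", "DB MAXIMUM_SUPPORTED_EXTENSION DUP (?)")
CORRECTED = context_source("dd", "rb MAXIMUM_SUPPORTED_EXTENSION")


def _value(token, consts):
    """Resolve a numeric literal or a previously defined constant."""
    return int(token, 0) if token[0].isdigit() else consts[token]


def parse_structs(source):
    """Return {struct: {"fields": {name: offset}, "size": bytes}}, no padding."""
    consts, structs, current = {}, {}, None
    for raw in source.splitlines():
        tokens = raw.split(";", 1)[0].split()      # drop comments
        if not tokens:
            continue
        low = [t.lower() for t in tokens]
        if len(tokens) >= 3 and low[1] in ("=", "equ"):
            consts[tokens[0]] = _value(tokens[2], consts)
        elif low[0] == "struct":
            current = {"name": tokens[1], "fields": {}, "size": 0}
        elif low[0] == "ends":
            structs[current["name"]] = current
            current = None
        elif current is not None:
            name, kind, args = tokens[0], tokens[1], tokens[2:]
            if kind.lower() == "rb":               # reserve N bytes
                size = _value(args[0], consts)
            elif kind.lower() in DATA_SIZES:       # "x dd ?" or "x db N dup (?)"
                is_dup = len(args) > 1 and args[1].lower() == "dup"
                count = _value(args[0], consts) if is_dup else 1
                size = DATA_SIZES[kind.lower()] * count
            elif kind in structs:                  # nested structure
                size = structs[kind]["size"]
            else:
                raise ValueError(f"unsupported field type: {kind}")
            current["fields"][name] = current["size"]
            current["size"] += size
    return structs


def handler_offsets(source):
    """Offsets of the three fields the SEH handler writes, plus total size."""
    ctx = parse_structs(source)["CONTEXT"]
    picked = {n: ctx["fields"][n] for n in ("regEbp", "regEip", "regEsp")}
    picked["sizeof"] = ctx["size"]
    return picked


if __name__ == "__main__":
    posted, fixed = handler_offsets(POSTED), handler_offsets(CORRECTED)
    for name in posted:
        print(f"{name:8} posted=0x{posted[name]:03X} corrected=0x{fixed[name]:03X}")
```

With dd fields the three registers sit at 0xB4, 0xB8 and 0xC4 in a 716-byte record; with the 2-byte fields as posted they would sit at 0x92, 0x94 and 0x9A in a 670-byte record, so the handler would overwrite unrelated parts of the context.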
Azu 07 Feb 2009, 03:34
Thanks so much!
I just changed the db to rb and now it works perfect. Time for me to go make something with it now.
Edit: never mind.. I tried to shorten my example file for you and I guess since I didn't call anything from the file in it, it wasn't trying to compile it, and that's why no errors...
This " local dd @dwReturn" errors saying undefined symbol (I thought the point of this instruction is to define it???) it was "local @dwReturn " before which says illegal instruction..
Here is example that gives the compiler errors..
Code:
use32
format PE GUI 4.0
include 'J:\fasmw16727\INCLUDE\win32ax.inc'
include '_GetKernel.asm'
section '.text' code readable executable
ret
invoke _GetKernelBase
|
revolution 07 Feb 2009, 03:39
Inside a proc macro local must be used like this:
Code: local somevar:DWORD
|
Azu 07 Feb 2009, 03:45
Okay.. I tried putting it as "local DWORD:@dwReturn" but it still says illegal instruction?
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.