alaphate Posted April 22, 2009 (edited)

Just like in C:

    void MyProc()
    {
        char szTemp[] = "Hello World!";
    }

In MASM:

    MyProc PROC
        local szTemp:byte
    MyProc ENDP

The problem is how to transfer "Hello World!" to szTemp, WITHOUT defining a global variable in the .DATA segment.

I figured out one way, but it will not be the best way.

    MyProc PROC
        local szTemp[128]:byte
        mov al, 48h         ;ASCII of 'H'
        mov szTemp, al
        mov al, 65h         ;ASCII of 'e'
        mov szTemp+1, al
        ;etc...
    MyProc ENDP

Could anybody suggest better solutions?

Thanks in advance.

Edited April 22, 2009 by alaphate
diablo2oo2 Posted April 22, 2009 (edited)

    myproc proc
        local sztemp[128]:byte

    ;---method 1----
        fn lstrcpy,addr sztemp,"hello world"    ;helloworld will be copied from .data section to sztemp

    ;---method 2---
        jmp @F
        hello_world db "hello world",0          ;string is in .code section here
    @@:
        fn lstrcpy,addr sztemp,addr hello_world

    ;---method 3---
        mov sztemp[0],"h"                       ;chars are stored as constant in .code section , same as method 2, but stupid
        mov sztemp[1],"e"
        mov sztemp[2],"l"

    ;---method 4 (without api function)---
        lea edi,sztemp
        mov esi,offset hello_world
        mov ecx,sizeof hello_world
        rep movsb
        ...
        ret
    myproc endp

Edited April 22, 2009 by diablo2oo2
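How an analyst recovers a string built the way method 3 builds it, as an added example that is not part of the original thread: the scanner replays immediate stores to [ebp+disp8] and joins the bytes written to consecutive offsets. The byte strings are constructed encodings (sztemp assumed at [ebp-80h]), the function names are hypothetical, and the dword store form is included as a generalization.

```python
# Constructed encodings (not from the thread) of method 3 with sztemp at [ebp-80h]:
#   mov byte ptr [ebp-80h+i], imm8   ->  C6 45 disp8 imm8
METHOD3 = bytes.fromhex("C6458068 C6458165 C645826C C645836C C645846F C6458500")
# Constructed: push ebp / mov ebp,esp / sub esp,4 / mov dword ptr [ebp-4],00333231h
DWORD_STORE = bytes.fromhex("55 8BEC 83EC04 C745FC31323300 8BC5 83E804")

STORE_SIZES = {b"\xC6\x45": 1, b"\xC7\x45": 4}   # opcode+modrm -> immediate size


def printable(value):
    return 0x20 <= value < 0x7F


def recover_stack_strings(code, min_len=3):
    """Rebuild ASCII strings written to [ebp+disp8] by immediate MOV stores."""
    mem = {}                      # signed offset from ebp -> byte stored there
    off = 0
    while off < len(code):
        size = STORE_SIZES.get(code[off:off + 2])
        if size is None or off + 3 + size > len(code):
            off += 1              # not a recognised store: slide one byte
            continue
        disp = int.from_bytes(code[off + 2:off + 3], "little", signed=True)
        for i, value in enumerate(code[off + 3:off + 3 + size]):
            mem[disp + i] = value
        off += 3 + size

    # Join bytes at consecutive offsets into printable runs.
    strings, run, prev = [], "", None
    for addr in sorted(mem):
        contiguous = prev is None or addr == prev + 1
        if not (contiguous and printable(mem[addr])):
            if len(run) >= min_len:
                strings.append(run)
            run = ""
        if printable(mem[addr]):
            run += chr(mem[addr])
        prev = addr
    if len(run) >= min_len:
        strings.append(run)
    return strings


if __name__ == "__main__":
    print(recover_stack_strings(METHOD3))      # method 3 style byte stores
    print(recover_stack_strings(DWORD_STORE))  # dword immediate store
```

This is a linear byte scan, not a disassembler, so it can misalign on real code; treat hits as candidates to confirm in the disassembly.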
MACH4 Posted April 22, 2009

> ;---method 2---
>     jmp @F
>     hello_world db "hello world",0    ;string is in .code section here
> @@:
>     fn lstrcpy,addr sztemp,addr hello_world

If the intention is to hide the string in a procedure then this one is not too good, it will be seen as hard coded text in a disassembly.

MACH4
alaphate (Author) Posted April 22, 2009 (edited)

diablo2oo2,

Thank you for the reply.

Using method 1, I got a compiling error:

    error A2084: instruction or register not accepted in current CPU mode

    .386
    .model flat, stdcall
    include user32.inc
    include kernel32.inc
    .data
    szCaption db "WIN32 ASM",0
    .code
    main proc
        local szTemp[128]:byte
        invoke lstrcpy, addr szTemp, "Hello World!"
        invoke MessageBoxA, 0, ADDR szTemp, ADDR szCaption, 0
        invoke ExitProcess, 0
    main endp
    end main

In Method 4, do I need to add:

    mov ax,ds
    mov es,ax

before

    lea edi,szTemp

because the dest string address should be ES:EDI?

I'm not sure whether ES is the same as DS or not in the FLAT model.

Edited April 22, 2009 by alaphate
diablo2oo2 Posted April 22, 2009 (edited)

> diablo2oo2,
> Thank you for the reply.
> Using method 1, I got a compiling error:
>
>     error A2084: instruction or register not accepted in current CPU mode
>
>     .386
>     .model flat, stdcall
>     include user32.inc
>     include kernel32.inc
>     .data
>     szCaption db "WIN32 ASM",0
>     .code
>     main proc
>         local szTemp[128]:byte
>         invoke lstrcpy, addr szTemp, "Hello World!"
>         invoke MessageBoxA, 0, ADDR szTemp, ADDR szCaption, 0
>         invoke ExitProcess, 0
>     main endp
>     end main

Use the latest MASM version. MASM is so powerful because of its macros. Use them! One of these macros is the "fn" macro. Use the "fn" command instead of "invoke". The "fn" instruction will allow you to use strings like in C, so you do not need to put them in the .data section! There is also a macro called "fnc", it's used for C-style escape characters like "hello\nworld". \n is nextline. See the MASM help files for more information.

Also you don't need to add an "A" to API names. MASM uses ANSI API functions by default, but if you want to use the Unicode format you must add a "W" to the name.

Here is my file:

    .586p
    .mmx
    .model flat, stdcall
    option casemap :none

    include \masm32\include\windows.inc
    include \masm32\include\user32.inc
    include \masm32\include\kernel32.inc
    include \masm32\include\masm32.inc
    include \masm32\macros\macros.asm

    includelib \masm32\lib\user32.lib
    includelib \masm32\lib\kernel32.lib
    includelib \masm32\lib\masm32.lib

    .data
    .code
    main proc
        local szTemp[128]:byte
        fn lstrcpy, addr szTemp, "Hello World!"
        fn MessageBox, 0, addr szTemp, "WIN32 ASM", MB_ICONINFORMATION
        fn ExitProcess, 0
    main endp
    end main

Edited April 22, 2009 by diablo2oo2
alaphate (Author) Posted April 22, 2009 (edited)

diablo2oo2,

The fnc macro is so useful, thank you. Here's another question.

In Method 4, do I need to add:

    mov ax,ds
    mov es,ax

before

    lea edi,szTemp

because the dest string address should be ES:EDI?

I'm not sure whether ES is the same as DS or not in the FLAT model.

Edited April 22, 2009 by alaphate
diablo2oo2 Posted April 22, 2009

> diablo2oo2,
> The fnc macro is so useful, thank you. Here's another question.
> In Method 4, do I need to add:
>
>     mov ax,ds
>     mov es,ax
>
> before
>
>     lea edi,szTemp
>
> because the dest string address should be ES:EDI?
> I'm not sure whether ES is the same as DS or not in the FLAT model.

I don't understand this "old" assembler stuff with "ds,es,int...". I code only win32 assembly with high-level language syntax (.if .else..), and it's ok, it's all I need.
alaphate (Author) Posted April 22, 2009 (edited)

I used debug to check the registers' values.

    DS == ES

You are right, no need to transfer DS to ES.

Thank you for your 4 methods. I learned a lot. Thx!

Edited April 22, 2009 by alaphate
D1N Posted April 23, 2009

> Use the latest MASM version. MASM is so powerful because of its macros. Use them! One of these macros is the "fn" macro. Use the "fn" command instead of "invoke". The "fn" instruction will allow you to use strings like in C, so you do not need to put them in the .data section! There is also a macro called "fnc", it's used for C-style escape characters like "hello\nworld". \n is nextline. See the MASM help files for more information.

@diablo2oo2 I think this was one of the coolest things they did with MASM, adding the fn macro. fnc is good as well, I've used it for new lines \n. Nice methods.
EvOlUtIoN Posted April 23, 2009

To solve this problem, just use the functions provided by the masm lib... you'll do anything you want.
Ksbunker Posted June 9, 2009

Similar to method 2, but a bit more difficult to step with Olly;

To figure out why this MACRO works you must know how the CALL instruction works. CALL changes EIP to the new destination address and pushes the return EIP after the CALL instruction into ESP. So this MACRO pushes the return instruction (i.e. OFFSET "string") into ESP. If you try to step through the code, you will cease execution at the szCALL "string" or "00401004 . E8 07000000 CALL gamespy.00401010".

    szCALL MACRO sz
        CALL @F
        BYTE sz, NULL
    @@:
    ENDM

    .CODE
    start:
        push 0
        push 0
        szCALL "string"
        push 0
        call MessageBox
        ret
    end start

    00401000 > $ 6A 00          PUSH 0
    00401002   . 6A 00          PUSH 0
    00401004   . E8 07000000    CALL gamespy.00401010                   ; stepping fails here
    00401009   . 73 74          JNB SHORT gamespy.0040107F
    0040100B   . 72 69          JB SHORT gamespy.00401076
    0040100D   . 6E             OUTS DX,BYTE PTR ES:[EDI]
    0040100E     67             DB 67
    0040100F     00             DB 00
    00401010   . 6A 00          PUSH 0
    00401012   . E8 01000000    CALL <JMP.&user32.MessageBoxA>
    00401017   . C3             RETN
    00401018   $-FF25 00204000  JMP DWORD PTR DS:[<&user32.MessageBoxA>] ; user32.MessageBoxA

Similar to method 3, but a bit more non-sequitur;

    OPTION PROLOGUE:NONE
    OPTION EPILOGUE:NONE
    StackSZ PROC
        push ebp
        mov ebp, esp
        sub esp, 4
        mov dword ptr [ebp-4], "321"        ; MOV DWORD PTR SS:[EBP-4],796548
        mov eax, ebp
        sub eax, 4
        INVOKE MessageBox, 0, eax, 0, 0     ; eax = "123", NULL
        add esp, 4
        leave
        ret
    StackSZ ENDP
    OPTION PROLOGUE:PrologueDef
    OPTION EPILOGUE:EpilogueDef
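The szCALL trick above and the jmp @F form of method 2 both leave the string inside the instruction stream, so a short forward branch that skips exactly one NUL-terminated ASCII run is a usable signature for finding such strings when the disassembler shows them as junk instructions. Added example, not from the thread: CODE holds the bytes of the posted Olly listing, JMP_SAMPLE is a constructed encoding of method 2, and the function names are hypothetical.

```python
# Bytes of the Olly listing in the post above, 00401000 through 0040101D.
BASE = 0x00401000
CODE = bytes.fromhex(
    "6A00 6A00 E807000000 737472696E6700 6A00 E801000000 C3 FF2500204000"
)
# Constructed (not from the thread): jmp short over "hello world",0 then a NOP.
JMP_SAMPLE = b"\xEB\x0C" + b"hello world\x00" + b"\x90"

# opcode -> (mnemonic, size of the relative displacement in bytes)
BRANCHES = {0xE8: ("call", 4), 0xE9: ("jmp", 4), 0xEB: ("jmp", 1)}


def is_c_string(blob):
    """True if blob is printable ASCII followed by a single terminating NUL."""
    return (len(blob) >= 2 and blob[-1] == 0
            and all(0x20 <= b < 0x7F for b in blob[:-1]))


def find_skipped_strings(code, base=0):
    """Return (mnemonic, branch_va, target_va, text) for each forward branch
    whose skipped bytes are exactly one NUL-terminated ASCII string."""
    hits = []
    for off, opcode in enumerate(code):
        if opcode not in BRANCHES:
            continue
        mnemonic, width = BRANCHES[opcode]
        field = code[off + 1:off + 1 + width]
        if len(field) < width:
            continue                      # displacement runs past the buffer
        rel = int.from_bytes(field, "little", signed=True)
        start = off + 1 + width           # for CALL this is the pushed return address
        target = start + rel
        if rel <= 0 or target > len(code):
            continue                      # only forward branches inside the buffer
        skipped = code[start:target]
        if is_c_string(skipped):
            hits.append((mnemonic, base + off, base + target,
                         skipped[:-1].decode("ascii")))
    return hits


if __name__ == "__main__":
    for mnemonic, src, dst, text in find_skipped_strings(CODE, BASE):
        print(f"{src:08X} {mnemonic} {dst:08X} skips {text!r}")
```

The scan is byte-wise rather than instruction-aware, so an E8/E9/EB byte inside an operand can produce a false candidate; the printable-plus-NUL check is what keeps the noise low.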
SunBeam Posted June 15, 2009

Pretty cool info. That damn "fn" macro is what I've been looking for all along - I always had stupid errors with INVOKE regarding PERFECTLY written params for some APIs or functions. FN helps a lot! Good show everyone!