Tuts 4 You
LCF-AT

How to assemble text to binary code for MASM?


kao
16 hours ago, LCF-AT said:

if I load the files of tut35 into WinASM .. it crashes in the NewRichEditProc routine (stack empty).

It's not an empty stack, it's a stack overflow. :)

 

If you look at original iczedit.exe (available in https://tuts4you.com/e107_plugins/download/request.php?id=1200 , CHM->Tutorial 35->Download the example), you'll see that it has stack reserve & commit = 2000000 bytes. By default, Microsoft link.exe uses values 1048576 and 4096. Change those and it will work just fine.

Command line should look something like this (not using WinASM, so I don't know the exact steps you need to take):

c:\masm32\bin\Link /SUBSYSTEM:WINDOWS /OPT:NOREF /STACK:2000000,2000000 %1.obj rsrc.obj

 

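A way to confirm the stack reserve and commit values kao describes, by reading them from a PE file's optional header. This is an added example, not part of the original post; the function names and the constructed sample header are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* PE headers are little-endian regardless of host byte order. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint64_t rd64(const uint8_t *p) { return rd32(p) | (uint64_t)rd32(p + 4) << 32; }

/* Returns 0 and fills reserve/commit, or -1 if img is not a usable PE image. */
int pe_stack_sizes(const uint8_t *img, size_t len, uint64_t *reserve, uint64_t *commit) {
    if (len < 0x40 || img[0] != 'M' || img[1] != 'Z') return -1;
    size_t pe = rd32(img + 0x3C);                  /* e_lfanew */
    if (pe > len || len - pe < 4 + 20 + 2) return -1;
    if (memcmp(img + pe, "PE\0\0", 4) != 0) return -1;
    size_t opt = pe + 4 + 20;                      /* signature + COFF header */
    unsigned magic = img[opt] | img[opt + 1] << 8;
    int wide = (magic == 0x20B);                   /* PE32+ has 64-bit fields */
    if (magic != 0x10B && !wide) return -1;
    if (len - opt < (wide ? 88u : 80u)) return -1;
    *reserve = wide ? rd64(img + opt + 72) : rd32(img + opt + 72);
    *commit  = wide ? rd64(img + opt + 80) : rd32(img + opt + 76);
    return 0;
}

/* Constructed sample: a minimal PE32 header holding only the fields read above. */
size_t build_sample_pe32(uint8_t *buf, size_t cap, uint32_t reserve, uint32_t commit) {
    const size_t pe = 0x80, opt = pe + 24, total = opt + 96;
    if (cap < total) return 0;
    memset(buf, 0, total);
    memcpy(buf, "MZ", 2);
    buf[0x3C] = (uint8_t)pe;
    memcpy(buf + pe, "PE\0\0", 4);
    buf[opt] = 0x0B; buf[opt + 1] = 0x01;          /* magic 0x10B = PE32 */
    for (int i = 0; i < 4; i++) {
        buf[opt + 72 + i] = (uint8_t)(reserve >> (8 * i));
        buf[opt + 76 + i] = (uint8_t)(commit >> (8 * i));
    }
    return total;
}

int main(void) {
    uint8_t img[256]; uint64_t r = 0, c = 0;
    size_t n = build_sample_pe32(img, sizeof img, 2000000u, 2000000u);
    if (pe_stack_sizes(img, n, &r, &c) == 0)
        printf("stack reserve=%llu commit=%llu\n", (unsigned long long)r, (unsigned long long)c);
    return 0;
}
```

To check a real binary, read the file into a buffer and pass it to `pe_stack_sizes` in place of the constructed header.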
LCF-AT

Hi guys,

thanks again. OK, now I see it. The NewRichEditProc in this example did use a local buffer of 1024*10. :) Pretty much. My compiler settings = this...

/SUBSYSTEM:WINDOWS /RELEASE /VERSION:4.0

...does it mean that I only should add /STACK:2000000,2000000..... OK, I have tested it with adding stack and it works without crashing anymore. :) Thanks for this new info about it, kao.

Now I have one more small question about that tut35 example. I would like to use a specific font for the RichEdit and have some problems with that. First, I don't see what it uses as the default font for this RichEdit control (I don't use the resource file of tut 35), but it looks like in the original 35 file. Now I tried to change the font using CreateFont & WM_SETFONT to set my new font and this is also shown, but if it gets colored (if I enter mov for example) then it does change and gets smudged somehow like this...

[Image: Font.png]

...so how can I make it match without getting those overlapping issues?

greetz

LCF-AT

Hi,

I tried to change the font here....

SetColor proc
	LOCAL cfm:CHARFORMAT
	invoke SendMessage,hwndRichEdit,EM_SETBKGNDCOLOR,0,rgb(255,255,225);BackgroundColor
	invoke RtlZeroMemory,addr cfm,sizeof cfm
	mov cfm.cbSize,sizeof cfm
	mov cfm.dwMask, CFM_FACE	
	invoke lstrcpy,addr cfm.szFaceName,chr$("Comic Sans MS")
	mov cfm.yHeight,220
	invoke SendMessage,hwndRichEdit,EM_SETCHARFORMAT,SCF_ALL,addr cfm
	ret
SetColor endp

....just for testing. Now I get to see Comic Sans font with 220 height. First problem: it's some kind of bold, no idea why, as I didn't set bold. Now if it gets colored by matching words then it's also getting overlapped again, which I don't check yet. In the NewRichEditProc it's reading the char rect and does draw the color over it, but it doesn't match...

[Image: Font2.png]

and with using CFM_SIZE in dwMask and yHeight,400 = this...

[Image: Font3.png]

...so how do I get this matching to the font / size I did set in CHARFORMAT / EM_SETCHARFORMAT? Also this BOLD thing is bad.

greetz

cob_258

I studied the code of SimEd.exe a little bit (not deeply) (at https://sourceforge.net/p/fbedit/code/HEAD/tree/SimEd/) and found that it loads RAEdit.dll; the control that shows highlighted code has the class "RAEdit" (which is registered by RAEdit.dll using RegisterClassExA).

[Image: image.png]

 

To set syntax highlighting, read the "SetKeyWords proc hWin:HWND" in simed\simed\misc.asm (or at 0x4014BC in SimEd.exe)

[Image: image.png]

 

TL;DR  : 

  • set HiLiteControl's class = "RAEdit"
  • at WM_INITDIALOG use "invoke SendMessage,hHiLiteControl, REM_SETHILITEWORDS, dwColor,lpstrGroup"
LCF-AT

Hi,

not sure what to use now, so it's again something else. Do you have some more detailed example for this etc.? What is dwColor,lpstrGroup? I don't see it in the RAEdit.inc.

Still fighting with that font trash problem I don't get fixed yet. :(

greetz

cob_258

By setting a BP on 40155A (I'm debugging SimEd.exe) we notice that the last parameter (lpstrGroup) is a pointer to a string that contains the words that should be colored by dwColor, which is the 0x00BBGGRR (B = blue, G = green, R = red) encoded color.

See the stack below; these are the parameters of SendMessageA at 40155A:

[Image: image.png]

 

we also have this from Raedit.inc

REM_SETHILITEWORDS        equ REM_BASE+0        ;wParam=Color, lParam=lpszWords

-----------------------------------------------------------------

this is a quickly written example in masm (I use WinAsm IDE) 

RaeTest.rar

 

the example sets colors only for registers (I'm lazy xD)

[Image: image.png]

 

BTW thanks to @fearless for the link to the library

 

kao
13 hours ago, LCF-AT said:

Now I get to see Comic Sans font with 220 height. First problem: it's some kind of bold, no idea why, as I didn't set bold ... it's reading the char rect and does draw the color over it, but it doesn't match...

1) Start with basics and read Tutorial 33. :) You did not set dwMask field correctly, that's why font keeps previous setting (bold).
2) Read the actual text of Tutorial 35 - it explains how syntax highlighting is implemented. In short - you should not change font *inside* the SetColor method. If you set it when creating RichEdit, it should work fine.

 

LCF-AT

Hi guys,

thanks again for your answers. OK, slowly I do understand the RAEdit control. :) Playing around a little to set some different parameters etc. and it works so far, also setting custom fonts / colors. I have a question about it, as I can't find all infos in the inc file, like... GetCharTabPtr, so what's this? Something with the tabs.

OK kao, so I tried to set the font only after creating the RichEdit control and it's working just as badly, which means I get to see my set font but if it gets colored then it also doesn't match = double, as you can see on the pics I made. I also get the same bad results if I change the font in the SetColor proc. :( That's also the reason why I started to change that SetColor proc CHARFORMAT struct, because WM_SETFONT wasn't enough to get both matched (normal & colored text), you know.

greetz

 

cob_258

The definition of GetCharTabPtr is in RAEdit.asm

GetCharTabPtr proc public

    mov        eax,offset CharTab
    ret

GetCharTabPtr endp

 

CharTab in Data.inc

CharTab                    db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;00
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;10
                        ;    ! " # $ % & ' ( ) * + , - . /
                        db 0,2,5,3,2,2,2,5,2,2,2,2,2,2,3,2        ;20
                        ;  0 1 2 3 4 5 6 7 8 9 : ; < = > ?
                        db 1,1,1,1,1,1,1,1,1,1,2,4,2,2,2,3        ;30
                        ;  @ A B C D E F G H I J K L M N O
                        db 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1        ;40
                        ;  P Q R S T U V W X Y Z [ \ ] ^ _
                        db 1,1,1,1,1,1,1,1,1,1,1,2,2,2,2,1        ;50
                        ;  ` a b c d e f g h i j k l m n o
                        db 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1        ;60
                        ;  p q r s t u v w x y z { | } ~
                        db 1,1,1,1,1,1,1,1,1,1,1,2,2,2,0,0        ;70

                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;80
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;90
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;A0
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;B0
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;C0
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;D0
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;E0
                        db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0        ;F0

 

and this is the meaning of these values (in RAEdit.inc)

;Character table types
CT_NONE                    equ 0
CT_CHAR                    equ 1
CT_OPER                    equ 2
CT_HICHAR                equ 3
CT_CMNTCHAR                equ 4
CT_STRING                equ 5
CT_CMNTDBLCHAR            equ 6
CT_CMNTINITCHAR            equ 7

 

I guess it's a table to redefine the meaning/type of every character and it has nothing to do with tabs 

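How a character-class table like the CharTab above can drive keyword highlighting, as an added example that is not RAEdit's code or part of the original post. How RAEdit itself consumes the table is not shown in the thread; the meanings given to CT_STRING, CT_CMNTCHAR and CT_HICHAR here, and the names hilite_hits and word_is, are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { CT_NONE, CT_CHAR, CT_OPER, CT_HICHAR, CT_CMNTCHAR, CT_STRING };
/* Rows 00-7F as posted above; 80-FF are zero (CT_NONE) and left implicit. */
static const unsigned char CharTab[256] = {
    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
    0,2,5,3,2,2,2,5,2,2,2,2,2,2,3,2,  1,1,1,1,1,1,1,1,1,1,2,4,2,2,2,3,
    1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,  1,1,1,1,1,1,1,1,1,1,1,2,2,2,2,1,
    0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,  1,1,1,1,1,1,1,1,1,1,1,2,2,2,0,0,
};

/* Case-insensitive compare of s[0..n) against a lowercase keyword. */
static int word_is(const char *s, size_t n, const char *kw) {
    if (strlen(kw) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)s[i]) != kw[i]) return 0;
    return 1;
}

/* Stores start offsets of keywords found outside strings/comments; returns the count. */
int hilite_hits(const char *line, const char *const *kws, size_t *hits, int max) {
    int n = 0;
    for (size_t i = 0; line[i] && n < max; ) {
        unsigned char t = CharTab[(unsigned char)line[i]];
        if (t == CT_CMNTCHAR) break;               /* assumed: comment runs to end of line */
        if (t == CT_STRING) {                      /* assumed: skip to the matching quote */
            char q = line[i++];
            while (line[i] && line[i] != q) i++;
            if (line[i]) i++;
            continue;
        }
        if (t != CT_CHAR && t != CT_HICHAR) { i++; continue; }
        size_t start = i++;                        /* assumed: word = CHAR/HICHAR + CHARs */
        while (CharTab[(unsigned char)line[i]] == CT_CHAR) i++;
        for (const char *const *k = kws; *k; k++)
            if (word_is(line + start, i - start, *k)) { hits[n++] = start; break; }
    }
    return n;
}

int main(void) {
    const char *const regs[] = { "eax", "ebx", "ecx", NULL };  /* constructed keyword group */
    size_t hits[8];
    int n = hilite_hits("mov EAX, ebx ; not ecx", regs, hits, 8);
    for (int i = 0; i < n; i++) printf("keyword at offset %zu\n", hits[i]);
    return 0;
}
```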
LCF-AT

Hi guys,

thanks again so far for the help. I think I will use the RAEdit control, which I got working now so far with the settings I want to use, to have a user interface to enter ASM commands. For reading the entered commands I will use FASM to get the binary code temporarily, but here too I need to add some extra stuff for using specific APIs, for example, which FASM can't handle. I am thinking about something like this..

call (GetProcAddress|kernel32.dll)

...using some bracket (|) syntax for API | dll, which I check beforehand and then change to the direct address before using it with FASM. Still thinking about it. If I get this working then I will use the DIASM lib to adjust the binary code to the new desired temporary location, which I then inject into any process or new process I want, or to build a loader file together with a hook engine. The main goal is just to build something that's pretty easy to use later for the user (also on the fly for testing) without having to care about hooking & special code and adjustments. No idea whether there is already any tool like that or not, but I don't think so.

greetz
