Re: ASM Help
- Posted by Mike The Spike <mtsreborn at yahoo.com> Mar 21, 2001
- 428 views
NP ma man... Here's how to fix this... Push the parameters on the stack, and then do call(address_in_mem_of_function). Then pop the parameters. Easy huh? Just use Eu's call()...

Mike The Spike

--- Matthew Lewis <matthewwalkerlewis at YAHOO.COM> wrote:
>
> I'm hoping someone here can help me out with some ASM. I'm trying to push
> some parameters on the stack, first of all, and then call a function to
> which I have a pointer. I've managed to move the params from memory to the
> stack, but I can't figure out how to call the other function.
>
> I've been using asm.e from Pete Eberlein, and he only has support for call
> near, which I don't think I can use here. So I've been poking around, and
> figured out how to put together opcodes for call far.
>
> Has anyone done anything like this? I've looked at a lot of stuff all over
> the web about ASM, and most of it really doesn't help, since it's usually
> geared toward MASM or the like, which is at a somewhat higher level than I'm
> working. Pete's docs don't seem to shed any light on this, either,
> although I found the encoding schemes for mnemonics at
> http://www.imada.ou.dk/~jews/PInfo/intel.html
>
> Here's my code (it's been modified somewhat at 1A from the original output).
> The function I want to call is located at comfunc (which I poke in after
> putting the routine into memory). I suspect part of my problem may be not
> pushing something (like the return address), but I've gotten the impression
> that call should do this automatically.
>
> com_asm = {
>     #60,                      -- 0: pusha
>     #BB,#00,#00,#00,#00,      -- 1: mov ebx, paramcount (2)
>     #8B,#0D,#00,#00,#00,#00,  -- 6: mov ecx, [params] (8)
>     #8B,#01,                  -- C: start: mov eax, [ecx]
>     #50,                      -- E: push eax
>     #83,#C1,#04,              -- F: add ecx, 4
>     #4B,                      -- 12: dec ebx
>     #75,#F7,                  -- 13: jnz start
>     #B8,#00,#00,#00,#00,      -- 15: mov edx, comfunc (22)
>     #FF,#D8,                  -- 1A: call far eax
>     #58,                      -- 1C: pop eax
>     #A3,#00,#00,#00,#00,      -- 1D: mov [retpointer], eax (30)
>     #58,
>     #58,
>     #58,
>     #61,                      -- 22: popa
>     #C3},                     -- 23: ret
>
> When I call the routine, I get a fault. Here's a disassembly (the entry
> point is 00595610):
>
> ---------- Code Disassembly ----------
> function: <nosymbols>+0000
>          0059560f 0060bb         add   [eax-0x45],ah     ds:00f30b76=??
>          00595612 0300           add   eax,[eax]         ds:00591f78=b7b85bc3
>          00595614 0000           add   [eax],al          ds:00591f78=c3
>          00595616 8b0d087e5900   mov   ecx,[00597e08]    ds:00597e08=00597df8
>          0059561c 8b01           mov   eax,[ecx]         ds:00597e04=00000011
>          0059561e 50             push  eax
>          0059561f 83c104         add   ecx,0x4
>          00595622 4b             dec   ebx
>          00595623 75f7           jnz   0059561c
>          00595625 b8781f5900     mov   eax,0x591f78
> FAULT -> 0059562a ffd8           call  eax
>          0059562c 58             pop   eax
>          0059562d a300505659     mov   [59565000],eax    ds:59565000=????????
>          00595632 005858         add   [eax+0x58],bl     ds:00f30b76=??
>          00595635 61             popad
>          00595636 c3             ret
>          00595637 0920           or    [eax],esp         ds:00591f78=b7b85bc3
>          00595639 2020           and   [eax],ah          ds:00591f78=c3
>          0059563b 2011           and   [ecx],dl          ds:00597e04=11
>          0059563d 0000           add   [eax],al          ds:00591f78=c3
>          0059563f 0020           add   [eax],ah          ds:00591f78=c3
>          00595641 005900         add   [ecx],bl          ds:00f36a02=??
>
> Registers:
> EAX: 00591F78 EBX: 00000000 ECX: 00597E04 EDX: 00000000 ESI: 00595610 EDI: 00000001
> EIP: 0059562A ESP: 0056FC0C EBP: 0056FC46 IOPL: 0 nv up ei pl zr na po nc
> CS: 015F SS: 0167 DS: 0167 ES: 0167 FS: 59CF GS: 0000 EFL: 00010246
>
> Stack:
> ---------- Top of the Stack ----------
> 0056FC0C 00580030 00594E78 005F4250 00000001 |0.X.xNY.PB_.....|
> 0056FC1C 00595610 0056FC46 0056FC38 00000028 |.VY.F.V.8.V.(...|
> 0056FC2C 00000000 005A2644 005A2644 0041454C |....D&Z.D&Z.LEA.|
> 0056FC3C 005E0880 00000001 00423618 0056FC64 |..^......6B.d.V.|
>
> ---------- Stack Back Trace ----------
> Stopped at 0059562A (0001:0059462A in (UNKNOWN)) Base=0x00000000 RVA=0x00001000
>
> Matt Lewis
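The sequence Mike describes (push the parameters, call through the function pointer, pop the parameters) can be hand-assembled the same way Matt builds com_asm. The C program below is an added example written for this thread; it is not Matt's or Mike's code and not part of asm.e. It emits the 32-bit x86 byte sequence for that stub and checks it against a hand-assembled reference. The near indirect call through a register is FF /2 (`FF D0` for `call eax`); FF /3 is the far form and only takes a memory operand (m16:32), so it cannot be used with a register. The cleanup uses `add esp, 4*n` (83 C4 ib) instead of a run of `pop eax`. The target address 0x00591F78 is the comfunc address from the disassembly above; the parameter values and the retpointer address 0x00597E10 are constructed for the example. The routine only produces bytes; it does not execute them.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Write a 32-bit immediate little-endian, as x86 stores it in the instruction stream. */
static size_t emit32(uint8_t *out, uint32_t v) {
    out[0] = (uint8_t)(v);
    out[1] = (uint8_t)(v >> 8);
    out[2] = (uint8_t)(v >> 16);
    out[3] = (uint8_t)(v >> 24);
    return 4;
}

/*
 * Encode a 32-bit x86 stub that calls a function through a pointer:
 *   pushad
 *   push <param n-1> ... push <param 0>   (right to left, as C callers do)
 *   mov eax, target                        (B8 imm32)
 *   call eax                               (FF D0: near indirect call via register,
 *                                           pushes the return address itself)
 *   add esp, 4*n                           (83 C4 ib: caller removes its arguments)
 *   mov [retptr], eax                      (A3 moffs32: save the result before popad)
 *   popad
 *   ret
 * Returns the number of bytes written (0 if nparams does not fit the imm8 cleanup).
 * out must hold at least 15 + 5*nparams bytes.
 */
size_t encode_indirect_call(uint8_t *out, const uint32_t *params, unsigned nparams,
                            uint32_t target, uint32_t retptr) {
    size_t n = 0;
    if (nparams > 31) return 0;                    /* 4*31 = 124 still fits a signed imm8 */
    out[n++] = 0x60;                               /* pushad */
    for (unsigned i = nparams; i-- > 0; ) {        /* push imm32, last argument first */
        out[n++] = 0x68;
        n += emit32(out + n, params[i]);
    }
    out[n++] = 0xB8;                               /* mov eax, imm32 */
    n += emit32(out + n, target);
    out[n++] = 0xFF; out[n++] = 0xD0;              /* call eax */
    if (nparams > 0) {                             /* add esp, imm8 */
        out[n++] = 0x83; out[n++] = 0xC4; out[n++] = (uint8_t)(4 * nparams);
    }
    out[n++] = 0xA3;                               /* mov [moffs32], eax */
    n += emit32(out + n, retptr);
    out[n++] = 0x61;                               /* popad */
    out[n++] = 0xC3;                               /* ret */
    return n;
}

/* Compare the encoder's output for two constructed parameters with a hand-assembled listing. */
int check_reference_encoding(void) {
    static const uint32_t params[2] = { 0x11, 0x22 };      /* constructed sample arguments */
    static const uint8_t expected[] = {
        0x60,                           /* pushad */
        0x68, 0x22, 0x00, 0x00, 0x00,   /* push 0x22 */
        0x68, 0x11, 0x00, 0x00, 0x00,   /* push 0x11 */
        0xB8, 0x78, 0x1F, 0x59, 0x00,   /* mov eax, 0x00591F78 (comfunc from the thread) */
        0xFF, 0xD0,                     /* call eax */
        0x83, 0xC4, 0x08,               /* add esp, 8 */
        0xA3, 0x10, 0x7E, 0x59, 0x00,   /* mov [0x00597E10], eax (constructed retpointer) */
        0x61,                           /* popad */
        0xC3                            /* ret */
    };
    uint8_t buf[64];
    size_t n = encode_indirect_call(buf, params, 2, 0x00591F78u, 0x00597E10u);
    return n == sizeof expected && memcmp(buf, expected, n) == 0;
}

int main(void) {
    static const uint32_t params[2] = { 0x11, 0x22 };
    uint8_t buf[64];
    size_t n = encode_indirect_call(buf, params, 2, 0x00591F78u, 0x00597E10u);
    for (size_t i = 0; i < n; i++) printf("#%02X,", buf[i]);   /* Euphoria-style byte list */
    printf("\nreference check: %s\n", check_reference_encoding() ? "ok" : "MISMATCH");
    return 0;
}
```

The loop in Matt's routine reads the arguments from a params table instead of embedding them as immediates; the byte that matters for the fault is the call itself, and the cleanup after it must match the number of pushes exactly or the popad/ret at the end will read the wrong stack slots.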