Author Topic: Strings on the Stack  (Read 15955 times)

nobody

  • Guest
Strings on the Stack
« on: November 22, 2008, 04:17:57 AM »
Here is a test piece of code I'm having difficulties with and for the live of me can not figure out

how to make it work. Nasm is assembling my code different than I expect. The string is not copied

to the stack buffer but somewhere else. How can I make this piece work without globals?

PROC testproc,source
LOCAL buf,128
lea eax,[@buf]
scall RtlZeroMemory,eax,128                  ;zero stack buffer

lcall strlen,[@source]         ;get lenght of string, local call
   mov ecx,eax            ;copy length
   lea edi,[@buf]            ;get address of local buffer
   lea esi,[@source]                  ;get source address in data
   mov esi,[esi]            ;dereference
   xor eax,eax            ;clear eax
   inc ecx               ;adjust for 0
   while ecx,g,0
      mov al,[esi]         ;loop through source string and copy to dest
      mov [edi],al      <======   ;MOV BYTE PTR SS:[EDI],AL
      inc esi
      inc edi
      dec ecx
   wend               ;until ecx = zer0 = string lenght
   lea eax,[@buf]            ;print string to console
   scall StdOut,eax
ENDP

00401412  |. 89C1           MOV ECX,EAX
00401414  |. 8D7D 80        LEA EDI,DWORD PTR SS:[EBP-80]
00401417  |. 8D75 08        LEA ESI,DWORD PTR SS:[EBP+8]
0040141A  |. 8B36           MOV ESI,DWORD PTR DS:[ESI]
0040141C  |. 31C0           XOR EAX,EAX
0040141E  |. 41             INC ECX
0040141F  |> 81F9 00000000  /CMP ECX,0
00401425  |. 0F8E 09000000  |JLE StringMa.00401434
0040142B  |. 8A06           |MOV AL,BYTE PTR DS:[ESI]
0040142D  |. 8807           |MOV BYTE PTR DS:[EDI],AL   <======
0040142F  |. 46             |INC ESI
00401430  |. 47             |INC EDI
00401431  |. 49             |DEC ECX
00401432  |.^EB EB          \JMP SHORT StringMa.0040141F

I would also like to do this:
   lea edi,[@buf]         ;Local buffer
   scall strcpy,edi,[@source]            ;DLL call
   lea eax,[@buf]
   scall StdOut,eax      ;print to console

Tx Klod

nobody

  • Guest
Re: Strings on the Stack
« Reply #1 on: November 22, 2008, 06:51:24 AM »
Hi Klod,

Strictly speaking:

mov [edi],al <====== ;MOV BYTE PTR SS:[EDI],AL  

This moves to [ds:edi], not [ss:edi]. Shouldn't make any difference in Windows (or any OS with a "flat" memory model). You might try "mov [ss:edi], al", but I doubt if it'll help.

What is Nasm assembling differently than what you expect? Hard to tell without the macros at hand, but this looks "normal" to me - and looks like it should work! The strcpy version looks like it should work, too!

Can you step through it in a debugger and see where the string *is* being copied too? Can you print the source string with "scall StdOut, dword [@source]" or so? Dunno, it looks okay to me...

Best,
Frank

nobody

  • Guest
Re: Strings on the Stack
« Reply #2 on: November 29, 2008, 03:21:21 AM »
I did figure out the error. It was in an other routine I used for testing out put. I passed a wrong pointer and I was overwriting my local buffer. What tripped me was
mov [edi],al <====== ;MOV BYTE PTR DS:[EDI],AL     ;Ollydebug
mov [edi],al <====== ;MOV BYTE PTR SS:[EDI],AL     ;what I wanted

Thanks for pointing out the notation [ss:edi]. Yes you are right, it does not matter code wise, but I find it easier to read and it tells me what I wanted to do....

I'm still struggling with this difference:
global dd 0
mov eax,global   ;get address
mov eax[global]  ;get value
lea edi,[@buf] ;get address of local buffer
mov edi,[@buf] ;get value of local buffer  

This has been very confusing in the past, but by coding a few assembly routines myself, the fog is lifting.

thx for your help