C++ program and my __asm
-
Hi everybody, I hope you guys don't mind if I ask you a question about assembly in the C/C++ section. I used to love this forum since when I've received help to fix a bug in the program I developed for my thesis. I have a win32 console application written in C++ and a function which invokes the assembler inline (__asm). I need to use assembly in this function for technical reason. I would like to write the assembler code that calls the API WinExec and then ExitProcess. I have tried to do that in 3 different ways but no one worked. Result, my machine crash. 1) db is not allow in Visual C++ within __asm, so the following solution has to be replaced with the #2. jmp short GetCommand CommandReturn: pop ebx xor eax,eax push eax push ebx mov ebx,0x7c8615b5 ;place address of WinExec into ebx call ebx xor eax,eax push eax mov ebx, 0x7c81ca82 ;place address of ExitProcess into ebx call ebx GetCommand: call CommandReturn db "calc.exe" db 0x00 2) This can be compiled and run but it makes the machine crash. It seems the address of WinExec it's wrong and the system get lost. So I have tried the #3. (below only the WinExec) mov ebp,esp push 0x20657865 ; I have also tried with 20657865H, Is there any difference? push 0x2e646d63 lea eax,dword ptr ss:[ebp-8] push eax mov eax,0x7c86114d call eax 3) In the code below I define a pointer to const char c which point to the string that i want to pass as a parameter to the Exec call. I also use the name of the API function instead of the address. Result the code has been compiled but the machine crash. const char* c = "calc.exe"; int foo() { _asm{ push c xor eax,eax push eax call WinExec xor eax,eax push eax call ExitProcess } } That's all. I hope this make sense. :cool: Thanks, FS
-
Hi everybody, I hope you guys don't mind if I ask you a question about assembly in the C/C++ section. I used to love this forum since when I've received help to fix a bug in the program I developed for my thesis. I have a win32 console application written in C++ and a function which invokes the assembler inline (__asm). I need to use assembly in this function for technical reason. I would like to write the assembler code that calls the API WinExec and then ExitProcess. I have tried to do that in 3 different ways but no one worked. Result, my machine crash. 1) db is not allow in Visual C++ within __asm, so the following solution has to be replaced with the #2. jmp short GetCommand CommandReturn: pop ebx xor eax,eax push eax push ebx mov ebx,0x7c8615b5 ;place address of WinExec into ebx call ebx xor eax,eax push eax mov ebx, 0x7c81ca82 ;place address of ExitProcess into ebx call ebx GetCommand: call CommandReturn db "calc.exe" db 0x00 2) This can be compiled and run but it makes the machine crash. It seems the address of WinExec it's wrong and the system get lost. So I have tried the #3. (below only the WinExec) mov ebp,esp push 0x20657865 ; I have also tried with 20657865H, Is there any difference? push 0x2e646d63 lea eax,dword ptr ss:[ebp-8] push eax mov eax,0x7c86114d call eax 3) In the code below I define a pointer to const char c which point to the string that i want to pass as a parameter to the Exec call. I also use the name of the API function instead of the address. Result the code has been compiled but the machine crash. const char* c = "calc.exe"; int foo() { _asm{ push c xor eax,eax push eax call WinExec xor eax,eax push eax call ExitProcess } } That's all. I hope this make sense. :cool: Thanks, FS
-
Hi everybody, I hope you guys don't mind if I ask you a question about assembly in the C/C++ section. I used to love this forum since when I've received help to fix a bug in the program I developed for my thesis. I have a win32 console application written in C++ and a function which invokes the assembler inline (__asm). I need to use assembly in this function for technical reason. I would like to write the assembler code that calls the API WinExec and then ExitProcess. I have tried to do that in 3 different ways but no one worked. Result, my machine crash. 1) db is not allow in Visual C++ within __asm, so the following solution has to be replaced with the #2. jmp short GetCommand CommandReturn: pop ebx xor eax,eax push eax push ebx mov ebx,0x7c8615b5 ;place address of WinExec into ebx call ebx xor eax,eax push eax mov ebx, 0x7c81ca82 ;place address of ExitProcess into ebx call ebx GetCommand: call CommandReturn db "calc.exe" db 0x00 2) This can be compiled and run but it makes the machine crash. It seems the address of WinExec it's wrong and the system get lost. So I have tried the #3. (below only the WinExec) mov ebp,esp push 0x20657865 ; I have also tried with 20657865H, Is there any difference? push 0x2e646d63 lea eax,dword ptr ss:[ebp-8] push eax mov eax,0x7c86114d call eax 3) In the code below I define a pointer to const char c which point to the string that i want to pass as a parameter to the Exec call. I also use the name of the API function instead of the address. Result the code has been compiled but the machine crash. const char* c = "calc.exe"; int foo() { _asm{ push c xor eax,eax push eax call WinExec xor eax,eax push eax call ExitProcess } } That's all. I hope this make sense. :cool: Thanks, FS
I'm not sure why you think you need to do this, but remember that Visual Studio will not let you use _asm in x64 builds.
Best wishes, Hans
-
Hi everybody, I hope you guys don't mind if I ask you a question about assembly in the C/C++ section. I used to love this forum since when I've received help to fix a bug in the program I developed for my thesis. I have a win32 console application written in C++ and a function which invokes the assembler inline (__asm). I need to use assembly in this function for technical reason. I would like to write the assembler code that calls the API WinExec and then ExitProcess. I have tried to do that in 3 different ways but no one worked. Result, my machine crash. 1) db is not allow in Visual C++ within __asm, so the following solution has to be replaced with the #2. jmp short GetCommand CommandReturn: pop ebx xor eax,eax push eax push ebx mov ebx,0x7c8615b5 ;place address of WinExec into ebx call ebx xor eax,eax push eax mov ebx, 0x7c81ca82 ;place address of ExitProcess into ebx call ebx GetCommand: call CommandReturn db "calc.exe" db 0x00 2) This can be compiled and run but it makes the machine crash. It seems the address of WinExec it's wrong and the system get lost. So I have tried the #3. (below only the WinExec) mov ebp,esp push 0x20657865 ; I have also tried with 20657865H, Is there any difference? push 0x2e646d63 lea eax,dword ptr ss:[ebp-8] push eax mov eax,0x7c86114d call eax 3) In the code below I define a pointer to const char c which point to the string that i want to pass as a parameter to the Exec call. I also use the name of the API function instead of the address. Result the code has been compiled but the machine crash. const char* c = "calc.exe"; int foo() { _asm{ push c xor eax,eax push eax call WinExec xor eax,eax push eax call ExitProcess } } That's all. I hope this make sense. :cool: Thanks, FS
There are several issues here: a. As already mentioned there is no point in using inline assembler for a function call. Inline assembler is occasionally (but very rarely nowadays) used for efficiency or for doing some low-level hardware things. But even if you have to use assmebler for something you can move results to local variable(s) for passing to functions in normal C/C++ code. b. You can't just do a "call" to an arbitrary memory location (as in your 1 and 2 examples). You have to use some sort of symbolic name so the linker can resolve the addres and the loader can adjust addresses when the program is run. c. Your example 3 looks like it could work but I think you are pushing the parameters onto the stack in the wrong order. d. Where does the code crash? I suspect in the call to WinExec but you can step through the code in the debugger to see exactly where it goes wrong. (Use Debug/Windows/Disassembly menu item to get the assembler code in the debugger.) e. Check what registers you can use in an _asm {} block. I think eax is safe but you may have to save (ie push and later pop) others like ebp before using them.
Andrew Phillips http://www.hexedit.com andrew @ hexedit.com