stackoom
  简体   繁体   中英

Call not returning properly [X86_ASM]

 原文  2012-04-13 12:38:30       c++/ inline-assembly

Question

This is C++ using x86 inline assembly [Intel syntax]

Function: 

     DWORD *Call ( size_t lArgs, ... ){

    DWORD *_ret = new DWORD[lArgs];

    __asm {
        xor edx, edx
        xor esi, esi
        xor edi, edi
        inc edx
start:
        cmp edx, lArgs
        je end
        push eax
        push edx
        push esi
        mov esi, 0x04
        imul esi, edx
        mov ecx, esi
        add ecx, _ret
        push ecx
        call dword ptr[ebp+esi] //Doesn't return to the next instruction, returns to the caller of the parent function.
        pop ecx
        mov [ecx], eax
        pop eax
        pop edx
        pop esi
        inc edx
        jmp start
end:
        mov eax, _ret
        ret
    }
}

The purpose of this function is to call multiple functions/addresses without calling them individually.

Why I'm having you debug it? I have to start school for the day, and I need to have it done by evening.

Thanks alot, iDomo

2 answers

solution1
 3 ACCPTED  2012-04-13 14:13:22

Thank you for a complete compile-able example, it makes solving problems much easier.

According to your Call function signature, when the stack frame is set up, the lArgs is at ebp+8 , and the pointers start at ebp+C . And you have a few other issues. Here's a corrected version with some push/pop optimizations and cleanup, tested on MSVC 2010 (16.00.40219.01) : 

DWORD *Call ( size_t lArgs, ... ) {

    DWORD *_ret = new DWORD[lArgs];

    __asm {
        xor edx, edx
        xor esi, esi
        xor edi, edi
        inc edx
        push esi
start:
        cmp edx, lArgs
        ; since you started counting at 1 instead of 0
        ; you need to stop *after* reaching lArgs
        ja end
        push edx
        ; you're trying to call [ebp+0xC+edx*4-4]
        ; a simpler way of expressing that - 4*edx + 8
        ; (4*edx is the same as edx << 2)
        mov esi, edx
        shl esi, 2
        add esi, 0x8
        call dword ptr[ebp+esi]
        ; and here you want to write the return value
        ; (which, btw, your printfs don't produce, so you'll get garbage)
        ; into _ret[edx*4-4] , which equals ret[esi - 0xC]
        add esi, _ret
        sub esi, 0xC
        mov [esi], eax
        pop edx
        inc edx
        jmp start
end:
        pop esi
        mov eax, _ret
        ; ret ; let the compiler clean up, because it created a stack frame and allocated space for the _ret pointer
    }
}

And don't forget to delete[] the memory returned from this function after you're done.

solution2
 1  2012-04-13 12:59:53

I notice that, before calling, you push EAX, EDX, ESI, ECX (in order), but don't pop in the reverse order after returning. If the first CALL returns properly, but subsequent ones don't, that could be the issue.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I call this x86 ASM CALL in C++ with typedef or inline Passing array as a parameter to an external ASM (Assembly) x86 and accessing it gcc inline asm x86 CPU flags as input dependency Assembly asm x86 Encryption/Decryption Program Passing integer to x86 ASM in C++ x86-64 assembler for polymorphic call What is the use of this asm block using x86 DIV in c++? Is there an allocate winapi call in x86 EXEs? Trying to convert big to little endian with x86 asm SSSE3 x86 asm access and edit stdcall function argument in a __declspec(naked) function
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM