Ultimately what I would like to do is goto memory location 0E3h and get the first 4 bytes after they have been switched from little endian to big endian. my messagebox should popup with 0006 displayed instead of 00060000. I have run into a snag when I try to mov single bytes out of edi. Can someone explain what I having issues with here. Thanks.


.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\masm32.inc
include \masm32\include\debug.inc

includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\debug.lib

FileName db "test.txt",0

hFile dd ?
fSize dd ?
hHeap dd ?
pHeap dd ?
bRead dd ?

invoke CreateFile,addr FileName,
mov hFile,eax

invoke GetFileSize,hFile,0 ;get file size
mov fSize,eax
invoke HeapCreate,0,fSize,0 ;create memory object
mov hHeap,eax
invoke HeapAlloc,hHeap,HEAP_ZERO_MEMORY,fSize ;allocate the memory
mov pHeap,eax
invoke ReadFile,hFile,pHeap,fSize,addr bRead, 0 ;read the whole file into memory

mov esi,[pHeap]
mov edi,[esi+03eh]
bswap edi

;mov al,byte ptr[edi] ;why would this line crash

invoke dw2hex,edi,ebx
invoke MessageBox,0,ebx,0,0

invoke HeapFree,hHeap,0,pHeap
invoke HeapDestroy,hHeap
invoke ExitProcess,0

end start
Posted on 2003-04-16 22:59:49 by tremors
here is the file i am using. i forgot to put it with the above post.
Posted on 2003-04-16 23:14:49 by tremors
using [] for pHeap access makes no difference with MASM.
Posted on 2003-04-17 02:24:32 by japheth

   mov esi,[pHeap]

mov edi,[esi+03eh]
bswap edi

;mov al,byte ptr[edi] ;why would this line crash
I'm guessing that has a file offset. It most definitely is not a pointer, as the file should not know where it will be loaded in memory. If I'm right, you need to convert the offset into a pointer by adding the base address in ESI to EDI.
Posted on 2003-04-17 02:26:31 by tenkey
Like what tenkey had said,

edi contains a data not an address. So when you attempted to read it like a pointer (ie mov al,byte ptr), the code crashes. If you want to get the high byte of the edi, I would suggest you use something like shr edi,24 using shifts and such.
Posted on 2003-04-17 03:15:32 by roticv
I am having a hard time trying to figure out how to get my message box to display 0006 which is the first 4 bytes of edi. Will someone help me out with this? Currently my message box displays 8 bytes 00060000 and all I need is the first 4.
Posted on 2003-04-17 20:22:35 by tremors
The below code snipet works for me. Thanks for all those who replied.

mov esi,
mov edi,
bswap edi

invoke dw2hex,edi,esi
mov byte ptr,0
invoke MessageBox,0,esi,0,0
Posted on 2003-04-18 00:23:19 by tremors
mov eax,edi
movzx eax,ax

eax now contains the low order 2 bytes. a DWORD is only 4 bytes long so edi contains 4 max I assume you mean you want to display the lower 2 bytes not all 4.
Posted on 2003-04-18 00:52:02 by donkey
Well, donkey

I suppose that is not what he wants... he just wants to display his high word of edi as 0006 and not 00000006 or 00060000.
Posted on 2003-04-18 07:20:17 by roticv