I'm having a problem. I have a program that connects to a server. In my program, I have a function that sends command to the server. This works fine, but when I try to adapt it so it can be use different string buffer, it crashes on me. As a matter of fact, from my packet sniffing, it shows a RST flag and from my research, it means reset, but why does it do that?

This is the function header that works:
SendMainCommand PROTO

but when I change it to: SendMainCommand PROTO :DWORD
and change the proc to: SendMainCommand proc gamecommand:DWORD
where I would call it with: invoke SendMainCommand,addr command, or Invoke SendMainCommand, addr gamebuffer
This works fine: The bulk of the code within the middle is just the algorithm that properly forms the packet, as to follow the custom protocol of the server.


SendMainCommand proc

invoke RtlZeroMemory, addr packet_command,1024
lea esi, user_id
lea edi, packet_userid_begin
xor ecx,ecx
_add_user_id:
mov al, [esi+ecx]
cmp al,0
jz _add_packet_id
mov [edi+ecx],al
inc ecx
jmp _add_user_id
_add_packet_id:

;; increment packet id
;; load packet_id into packet
;; do everytime
inc packet_id
mov ax, packet_id
lea edi, packet_id_begin
mov [edi],ah
mov [edi+1h],al

[b]lea esi, command[/b]
lea edi, packet_command
xor ecx, ecx
_add_command:
mov al, [esi+ecx]
cmp al, 0
jz _start_byte_algo
mov [edi+ecx],al
inc ecx
jmp _add_command

_start_byte_algo:

[b]invoke lstrlen,addr command[/b]
push eax
add eax,23
mov packet_length, eax
pop eax
add eax, 09h
lea edi, packet_length_start
mov [edi],eax
add eax, 0Ah
mov esi, eax
mov ecx, 0000007Eh
mov edx, 0000007Eh
xor eax,eax
lea edi, packet_algo_start
_loop_byte_algo:
add cl, byte ptr [eax+edi]
add dl, cl
inc eax
cmp eax, esi
jl _loop_byte_algo

lea edi, packet_begin
xor ax,ax
movzx cx,cl
mov al, dl
add ecx, eax
shl ecx, 8
sub eax, ecx

lea ebp, packet_begin
add ebp, packet_length
sub ebp, 2

mov [ebp],ax

mov cl,ah
and eax,0FFFFh
and eax,800000FFh
mov [ebp],cl

xor edx, edx
mov [ebp+1],al
invoke send,[hSocket1],addr packet_begin, packet_length,0

ret

SendMainCommand endp


Heres the current proc, that keeps crashing and sending some reset flag:



SendMainCommand proc [b]gamecommand:DWORD[/b]

invoke RtlZeroMemory, addr packet_command,1024
lea esi, user_id
lea edi, packet_userid_begin
xor ecx,ecx
_add_user_id:
mov al, [esi+ecx]
cmp al,0
jz _add_packet_id
mov [edi+ecx],al
inc ecx
jmp _add_user_id
_add_packet_id:

;; increment packet id
;; load packet_id into packet
;; do everytime
inc packet_id
mov ax, packet_id
lea edi, packet_id_begin
mov [edi],ah
mov [edi+1h],al

[b]mov esi, gamecommand ;; update in new function[/b]
lea edi, packet_command
xor ecx, ecx
_add_command:
mov al, [esi+ecx]
cmp al, 0
jz _start_byte_algo
mov [edi+ecx],al
inc ecx
jmp _add_command

_start_byte_algo:

[b]invoke lstrlen,gamecommand ;; updated in new function[/b]
push eax
add eax,23
mov packet_length, eax
pop eax
add eax, 09h
lea edi, packet_length_start
mov [edi],eax
add eax, 0Ah
mov esi, eax
mov ecx, 0000007Eh
mov edx, 0000007Eh
xor eax,eax
lea edi, packet_algo_start
_loop_byte_algo:
add cl, byte ptr [eax+edi]
add dl, cl
inc eax
cmp eax, esi
jl _loop_byte_algo

lea edi, packet_begin
xor ax,ax
movzx cx,cl
mov al, dl
add ecx, eax
shl ecx, 8
sub eax, ecx

lea ebp, packet_begin
add ebp, packet_length
sub ebp, 2

mov [ebp],ax

mov cl,ah
and eax,0FFFFh
and eax,800000FFh
mov [ebp],cl

xor edx, edx
mov [ebp+1],al
invoke send,[hSocket1],addr packet_begin, packet_length,0

ret

SendMainCommand endp


As you can see, I just changed the header. Updated the lea esi, command with mov esi, game command, and invoke lstrlen,addr command with invoke lstrlen,gamecommand.

I know this to be the problem because it doesn't execute anything else when returning from the function. :\

I can provide the total source on request. Contact me at dfcslave on AIM for a username/password that works. Thanks. :)
Posted on 2003-07-12 17:39:02 by xkardisx
Well I found out what was causing the crashes. Apparently the function needs a pushad at beginning, and popad at the end. Kind of odd, but it works now. Reason it was working with the original one, was because in that particular instance I actually had a pushad, and popad, before I actually called the function.
Posted on 2003-07-13 05:55:08 by xkardisx