// filter(): one sample step of the soft-synth filter, written as MSVC x86 inline
// assembly and tuned for code size rather than speed.
//
//   input    - sample to filter
//   fc       - cutoff value; multiplied by 1.16f to get f
//   res      - resonance; scales the feedback taken from pOut[4]
//   highpass - 0 leaves pOut[4] as the result; non-zero leaves pIn[4] - pOut[4]
//
// There is no C++ return statement: the result is whatever the asm block leaves
// in x87 st(0) (see the commented-out "return *pOut" at the end).
// NOTE(review): the constants and update rule look like the widely circulated
// Moog-style four-pole filter; confirm against the author's reference.
__forceinline float filter( float input, float fc, float res, int highpass=0 )

{
// The x87 arithmetic below takes its constants from memory operands, hence the statics.
static float _116 = 1.16f;
static float _015 = 0.15f;
static float _035 = 0.35013f;
static float _030 = 0.3f;
// NOTE(review): pIn is function-static, so every call shares it, while pOut is
// per instrument; confirm that sharing is intended. pIn[0] is never read here,
// it only receives the stosd store below.
static float pIn[5];
// The asm reads and writes pOut[0..4], so filterDataOut must hold at least five
// floats (its declaration is not visible here).
float *pOut = curIns->filterDataOut; // we need to save the values per instrument
__asm
{
mov esi, pOut ;// esi = &pOut[0]
lea edi, pIn ;// edi = &pIn[0]
push esi ;// saved so both base pointers can be reloaded after the loop
push edi
;// Size trick standing in for "add edi, 4": stosd also stores EAX, which this
;// block never sets, into pIn[0]. Assumes the direction flag is clear.
stosd ;//add edi, 4

;// float f = fc * 1.16f;
fld dword ptr fc
fmul dword ptr [_116] ;// f in st0

;// float fb = res * (1.0f - 0.15f * f * f);
fld1 ;// st0 = 1, st1 = f
fld st(1) ;// st0 = f, st1 = 1, st2 = f
fmul st(0), st(0) ;// st0 = f*f
fmul dword ptr [_015] ;// st0 = 0.15 * f*f
fsubp st(1), st(0) ;// st0 = 1 - 0.15*f*f, st1 = f
fmul dword ptr res ;// st0 = fb

;// input -= pOut[4] * fb;
fmul dword ptr [esi+4*4] ;// st0 = fb * pOut[4]
fsubr dword ptr input ;// st0 = input - fb * pOut[4]
fstp dword ptr input ;// stored back to the argument as a 32-bit float; st0 = f

;// input *= 0.35013f * (f*f*f*f);
fld st(0) ;// st0 = f, st1 = f
fmul st(0), st(1)
fmul st(0), st(1)
fmul st(0), st(1) ;// st0 = f^4
fmul dword ptr [_035]
fmul input
fstp dword ptr [esi] ;// pOut[0] = input

;// 1-f
fld1
fsubrp st(1), st(0) ;// st0 = 1 - f, the only value left on the x87 stack

;// ecx = 4 loop iterations, built from two short instructions
xor ecx, ecx
mov cl, 4

poleLoop:

;// pOut[i+1] = (1-f) * pOut[i+1] + 0.3f * pIn[i+1] + pOut[i]   (i = 0..3)
fld st(0) ;// duplicate (1-f)
fmul dword ptr [esi+4] ;// (1-f) * pOut[i+1]

fld dword ptr [edi] ;// pIn[i+1]; edi was advanced past pIn[0] by the stosd
fmul dword ptr [_030]

faddp st(1), st(0)
fadd dword ptr [esi] ;// + pOut[i]

fstp dword ptr [esi+4]

;// pIn[i+1] = pOut[i];
;// movsd copies [esi] to [edi] and advances esi and edi by 4 at the same time
;// (again assuming the direction flag is clear)
movsd

loop short poleLoop ;// dec ecx, repeat until ecx == 0

fstp st(0) ;// we have (1-f) left on fpu stack; drop it

pop edi ;// edi = &pIn[0] again
pop esi ;// esi = &pOut[0] again
fld dword ptr [esi+16] ;// st0 = pOut[4], the low-pass result
cmp dword ptr [highpass], 0
je short noHighPass
fsubr dword ptr [edi+16] ;// st0 = pIn[4] - pOut[4]
noHighPass:
;// fstp [esi]
}
;// return *pOut;
;// No explicit return: the value left in st(0) is the function result.
}


Anyone got a smaller one? :)

Those float values unfortunately are quite sensitive.. Eg if I'd get rid of _030 and use _035 for that as well, it sounds completely different.
Sorry about the C++ shit, I'm too lazy right now to convert my whole softsynth to asm :)

Attached is a first version of the result.. Note please that I'm not a very musical person.. Once I've got an interface I'll pass it on to someone who's actually good at doing music :grin:

edit: Updated attachment to latest version..
Posted on 2003-08-19 07:36:51 by snq
Okay.. just after I posted I saw the first thing:

Replace
        ;// input -= pOut[4] * fb;   (on entry: st0 = fb, st1 = f)

fmul dword ptr [esi+4*4] ;// st0 = fb * pOut[4]
fsubr dword ptr input ;// st0 = input - fb * pOut[4]
fstp dword ptr input ;// written back to the argument as a 32-bit float; st0 = f

;// input *= 0.35013f * (f*f*f*f);
fld st(0) ;// st0 = f, st1 = f
fmul st(0), st(1)
fmul st(0), st(1)
fmul st(0), st(1) ;// st0 = f^4
fmul dword ptr [_035]
fmul input ;// reloads the value stored above
fstp dword ptr [esi] ;// pOut[0] = input

with
        ;// input -= pOut[4] * fb;   (on entry: st0 = fb, st1 = f)

fmul dword ptr [esi+4*4] ;// st0 = fb * pOut[4]
fsubr dword ptr input ;// st0 = input - fb * pOut[4]; kept on the x87 stack, not stored

;// input *= 0.35013f * (f*f*f*f);
fld st(1) ;// st0 = f, st1 = input, st2 = f
fmul st(0), st(2)
fmul st(0), st(2)
fmul st(0), st(2) ;// st0 = f^4
fmul dword ptr [_035]
fmulp st(1), st(0) ;// st0 = input * 0.35013 * f^4, st1 = f
fstp dword ptr [esi] ;// pOut[0] = input
;// The intermediate no longer passes through the 32-bit "input" slot, so it is
;// not rounded to single precision before the multiply.
Posted on 2003-08-19 08:32:29 by snq
wow! very nice stuph and in only 4kb ... remember that i saw one 4k intro
with tunnel effect and synth music, dont remember the name.

you could create a random goa generator using this minisynth :) for a
non-stop tripping experience.

... when to expect an interface ;) ? or an asm lib for playing ?
Posted on 2003-08-19 09:06:16 by TBD
Well it's not really 4k actually ;) All code and data together is a bit over 2k.. Its all the damn headers and alignment and shit that make it 4k :)

I might release a public version perhaps even with source when it's all done and when I've at least gotten the chance to use it myself in a 4k intro.. I'm not totally done with it yet. And then comes the interface and then I'll pass it to a musician who will without any doubt come with a lot of requests and demands :)
Posted on 2003-08-19 09:33:43 by snq
btw, only the original.exe it is working on my XP.

when you need ideas/betatesting/demo songs count me in ;)
an open source lib would be nice :rolleyes:

keep up the good work
Posted on 2003-08-19 09:39:34 by TBD
I made a couple harmless changes below (please, let me know if I broke it ;)). Also, I'd like to mention that f*f is used three times and should be preserved on the stack to save a FMUL, and FLD1 can be saved as well by putting 1-f on the stack early as well. I could have just made those changes to the source code, but I felt it better to explain because it destroys the continuity of the code and comments. ;)

I'll look at it more when I get home from work.

only "original" EXE works on my machine here: WinXP/Athon
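// filter(): one sample step of the soft-synth filter as MSVC x86 inline assembly.
// This is the revised listing from the thread with the forum bold tags removed;
// the tags had been spliced into operands and comments, so the listing did not
// assemble as posted. Lines ending in ";#" are the ones the poster changed.
//
//   input    - sample to filter
//   fc       - cutoff value; multiplied by 1.16f to get f
//   res      - resonance; scales the feedback taken from pOut[4]
//   highpass - 0 leaves pOut[4] as the result; non-zero leaves pIn[4] - pOut[4]
//
// There is no C++ return statement: the result is whatever the asm block leaves
// in x87 st(0).
__forceinline float filter( float input, float fc, float res, int highpass=0 )

{
static float _116 = 1.16f;
static float _015 = 0.15f;
static float _035 = 0.35013f;
static float _030 = 0.3f;
// NOTE(review): pIn is function-static, so every call shares it, while pOut is
// per instrument; confirm that sharing is intended. pIn[0] is unused here.
static float pIn[5];
// The asm reads and writes pOut[0..4], so filterDataOut must hold at least five
// floats (its declaration is not visible here).
float *pOut = curIns->filterDataOut; // we need to save the values per instrument
__asm
{
mov esi, pOut ;// esi = &pOut[0]
lea edi, pIn + 4 ;# edi = &pIn[1] directly; no store of an unset EAX into pIn[0]
push esi ;// saved so both base pointers can be reloaded after the loop
push edi
;# stosd ;//add edi, 4

;// float f = fc * 1.16f;
fld dword ptr fc
fmul dword ptr [_116] ;// f in st0

;// float fb = res * (1.0f - 0.15f * f * f);
fld1
fld st(1)
fmul st(0), st(0)
fmul dword ptr [_015]
fsubp st(1), st(0) ;// st0 = 1 - 0.15*f*f, st1 = f
fmul dword ptr res ;// st0 = fb

;// input -= pOut[4] * fb;
fmul dword ptr [esi+4*4]
fsubr dword ptr input ;// st0 = input - fb * pOut[4], kept on the x87 stack

;// input *= 0.35013f * (f*f*f*f);
fld st(1) ;// st0 = f, st1 = input, st2 = f
fmul st(0), st(2)
fmul st(0), st(2)
fmul st(0), st(2) ;// st0 = f^4
fmul dword ptr [_035]
fmulp st(1), st(0) ;// st0 = input * 0.35013 * f^4, st1 = f
fstp dword ptr [esi] ;// pOut[0] = input

;// 1-f
fld1
fsubrp st(1), st(0) ;// st0 = 1 - f

xor ecx, ecx
mov cl, 4 ;// ecx = 4 loop iterations

poleLoop:

;// pOut[i+1] = (1-f) * pOut[i+1] + 0.3f * pIn[i+1] + pOut[i]   (i = 0..3)
fld st(0)
fmul dword ptr [esi+4]

fld dword ptr [edi]
fmul dword ptr [_030]

faddp st(1), st(0)
fadd dword ptr [esi]

;// pIn[i+1] = pOut[i];
;// and update esi and edi at the same time (assumes the direction flag is clear)
movsd

;// esi has already advanced, so [esi] is the slot that was [esi+4] before movsd
fstp dword ptr [esi]

loop short poleLoop

fstp st(0) ;// we have (1-f) left on fpu stack

pop edi ;// edi = &pIn[1]
pop esi ;// esi = &pOut[0]
fld dword ptr [esi+16] ;// st0 = pOut[4]
cmp dword ptr [highpass], ecx ;# ecx is 0 once the loop has finished
je short noHighPass
fsubr dword ptr [edi+16][-4] ;# [edi+12] = pIn[4], because edi now starts at pIn+4
noHighPass:
;// fstp [esi]
}
;// return *pOut;
;// No explicit return: the value left in st(0) is the function result.
}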
Posted on 2003-08-19 18:45:05 by bitRAKE
Thanks for your tips :)
I actually found all of them myself already and changed some other stuff as well. The resonance is now passed in a word instead of a float because it's in the struct as a byte to save some bytes. So perhaps that makes the filter a few bytes bigger but it saves space in the loader and the renderer.. Also the 0.35 actually could be changed to 0.30 without too much difference in the sound. I just had to adjust the resonance value to make it sound correct again.

Right. Perhaps I should mention that the final executable is going to be packed using aPack. And I've had a few things where the code would be smaller, but the compressed code would get bigger. For example xor ecx,ecx/mov cl,4 instead of mov ecx,4 got bigger instead of smaller...

Here's what I got right now before playing with the f*f and 1-f thing you said:


// filter(): one sample step of the soft-synth filter as MSVC x86 inline assembly,
// tuned for size after packing.
//
//   input    - sample to filter
//   fc       - cutoff value; multiplied by 1.16f to get f
//   res      - resonance as a 16-bit integer; the feedback uses res / resDiv
//   highpass - 0 leaves pOut[4] as the result; non-zero leaves pIn[3] - pOut[4]
//
// There is no C++ return statement: the result is whatever the asm block leaves
// in x87 st(0).
__forceinline float filter( float input, float fc, WORD res, BYTE highpass=0 )
{
static float _116 = 1.16f;
static float _015 = 0.15f;
static float _030 = 0.3f; // now also used where 0.35013f was
// static float _035 = 0.35013f;
static WORD resDiv = 55; // divisor applied to the integer resonance
// NOTE(review): pIn is function-static, so every call shares it, while pOut is
// per instrument; confirm that sharing is intended.
static float pIn[4];
// The asm reads and writes pOut[0..4], so filterDataOut must hold at least five
// floats (its declaration is not visible here).
float *pOut = curIns->filterDataOut;
__asm
{
;// float f = fc * 1.16f;
fld dword ptr fc
fmul dword ptr [_116] ;// f in st0

;// float fb = (1.0f - 0.15f * f * f) * res / resDiv;
fld1
fld st(1)
fmul st(0), st(0)
fmul dword ptr [_015]
fsubp st(1), st(0) ;// st0 = 1 - 0.15*f*f, st1 = f
;// fimul/fidiv read a 16-bit operand as a signed integer, so a res above 32767
;// would be taken as negative. NOTE(review): presumably res stays small; confirm.
fimul word ptr [res]
fidiv word ptr [resDiv]

;// input -= pOut[4] * fb;
mov esi, pOut
fmul dword ptr [esi+4*4]
fsubr dword ptr input

;// st0=input, st1=f

;// input *= 0.3f * (f*f*f*f);   (0.35013f was replaced by _030)
fld st(1)
fmul st(0), st(2)
fmul st(0), st(2)
fmul st(0), st(2) ;// st0 = f^4
fmul dword ptr [_030] ;// fmul dword ptr [_035]
fmulp st(1), st(0) ;// st0 = scaled input, st1 = f
fstp dword ptr [esi] ;// pOut[0] = input

;// 1-f
fld1
fsubrp st(1), st(0) ;// st0 = 1 - f

;// mov ecx, 4 ;// this compresses smaller but uncompressed it's bigger :)
xor ecx, ecx
mov cl, 4
lea edi, pIn; ;//+4 -> no need for the +4 I found out

poleLoop:

;// pOut[i+1] = 0.3f * pIn[i] + (1-f) * pOut[i+1] + pOut[i];   (i = 0..3)
fld st(0)
fmul dword ptr [esi+4]

fld dword ptr [edi]
fmul dword ptr [_030]

faddp st(1), st(0)
fadd dword ptr [esi]

;// pIn[i] = pOut[i];
;// and update esi and edi at the same time :) (assumes the direction flag is clear)
movsd
fstp dword ptr [esi] ;// esi has advanced, so this is the pOut[i+1] slot

loop short poleLoop

fstp st(0) ;// we have (1-f) on fpu stack

fld dword ptr [esi] ;// esi = pOut + 16 after four movsd, so st0 = pOut[4]
cmp byte ptr [highpass], cl ;// ecx=0 :)
je short noHighPass
fsubr dword ptr [edi-4] ;// edi = pIn + 16, so st0 = pIn[3] - pOut[4]
noHighPass:
}
// No explicit return: the value left in st(0) is the function result.
}
Posted on 2003-08-19 20:20:53 by snq
Also.. Here's the latest... Managed to get it down to 3.5k now unmodified by tools or packers!

Anyway, could someone with XP do me a big favor and test some stuff.. Included 4 versions of the exe in this zip. Please try them and let me know which ones work and which don't. I haven't tested on win98 either so if anyone could confirm which work and which don't, I'd be most thankful :alright:

And hereby I also release my PE header optimizer to the public.. CleanPE.exe in the zip! Play around with different settings to get the optimal working result. I haven't really tested it with files that have more than 1 segment or a lot of imports so it's very very beta. And don't try to re-clean exes that are already cleaned :grin:
If there's interest I might do a more stable version :)
Posted on 2003-08-19 20:27:33 by snq
They all seem to work FINE on XP

minisynth.importsnotmoved.exe the first time did not seem to work but once i ran the others it seemed to work... not sure if it messed up the first time somehow.

minisynth.importsnotoptimized.com

creates a MZ.EXE so im guessing it has some sort of loader or something that extracts it or something..
Posted on 2003-08-19 20:39:58 by devilsclaw
Originally posted by devilsclaw
They all seem to work FINE on XP
minisynth.importsnotmoved.exe the first time did not seem to work but once i ran the others it seemed to work... not sure if it messed up the first time somehow.
minisynth.importsnotoptimized.com
creates a MZ.EXE so im guessing it has some sort of loader or something that extracts it or something..

Well that's odd :) But now we know... No import string moving on XP :mad:
The importsnotoptimized.com indeed dumps a file MZ.exe to disk and executes it. Using a dropper I can compress the headers as well instead of just the code/data :)
But that one worked fine as well? (just checking if all really means all here ;)

What exactly happened when you ran importsnotmoved.exe for the first time? Did you at least get a console window? Or not even that. Some windows error message perhaps?

Thanks for the report!
Posted on 2003-08-19 20:47:08 by snq
Originally posted by snq
Right. Perhaps I should mention that the final executable is going to be packed using aPack. And I've had a few things where the code would be smaller, but the compressed code would get bigger. For example xor ecx,ecx/mov cl,4 instead of mov ecx,4 got bigger instead of smaller...
Thanks for the heads up. Your code is looking really good now! ;)
(Have you tried compressing the unrolled loop?)
Posted on 2003-08-19 23:37:31 by bitRAKE
I Can't re-link these files..

(Win98SE, most recent patches & upgrades)
Posted on 2003-08-19 23:51:12 by NaN
originally the one that did not work just seemed to close like the cleanpe.exe... which i know is not the same program lol.. it opened then closed... at least i thought... but when i went to close down all my windows i think remembering an extra window it may be that it just went to back ground..

i will reboot and let you know if it was my mistake...

also all the others work just fine for me...
Posted on 2003-08-20 02:15:31 by devilsclaw

Thanks for the heads up. Your code is looking really good now! ;)
(Have you tried compressing the unrolled loop?)

Thanks :)

Well one obvious thing that I tried:


;// on entry: st0 = input, st1 = f
fld st(1) ;// st0 = f
fmul st(0), st(2) ;// st0 = f*f
fmul st(0), st(0) ;// st0 = (f*f)*(f*f) = f^4, one fmul fewer
instead of


;// on entry: st0 = input, st1 = f
fld st(1) ;// st0 = f
fmul st(0), st(2) ;// st0 = f^2
fmul st(0), st(2) ;// st0 = f^3
fmul st(0), st(2) ;// st0 = f^4

... which makes compressed size 4 bytes bigger :)

I also tried saving the f*f from before on the stack.. Same story, just gets bigger while uncompressed gets smaller..
Then I tried putting 0.30f on the stack and change the 2 fmuls.. It just gets bigger!! I'm going nuts ;) It seems the more space I save the bigger it gets hehe... I'll put up a test app with src later soon you if you're interested in really pushing it you can at least test and hear if it still works ;)
Posted on 2003-08-20 05:13:31 by snq
CleanPE with 1k alignment... for win98

edit: get attachment 3 posts down..
Posted on 2003-08-20 05:27:38 by snq
"CleanPE with 1k alignment... for win98"

Are you sure?
The section alignment is 0x400 rather than 0x1000
Pls, reread NaN's image
I'm wondering why you want "smaller" file size if you use MSVCRT.dll
Posted on 2003-08-20 15:02:43 by lingo12
is there already a MSVCRT.INC made for MASM because I have not seen it so i been making my own for the stuff i need from it at times..
Posted on 2003-08-20 15:07:47 by devilsclaw

"CleanPE with 1k alignment... for win98"

Are you sure?
The section alignment is 0x400 rather than 0x1000

My bad.. I should learn to read :eek:
Win98 should be forbidden anyway.. Damn stone age technology :)

Here then is an untouched version straight from the linker without using any options whatsoever :)
Posted on 2003-08-20 15:43:59 by snq
Thanks snq,

"Here then is an untouched version straight from the linker without using any options whatsoever"

On my Windows ME:
"Error Starting Program
The CLEANPE.EXE file is linked to missing export SHEL32.DLL:DtrStrIA"


"Win98 should be forbidden anyway.. Damn stone age technology"
OK, let's try on the WinXP Pro

Here is a part of my working exe (Windows ME and WinXP Pro)
with size 28672 bytes(see the attachment):


00000000: 4D 5A EB 06-01 00 00 00-00 00 BA 21-01 4C EB 08 MZd?? ?!?Ld?
00000010: 50 00 00 00-02 01 F0 FF-04 44 B4 09-CD 21 94 EB P ??=_?D??-!?d
00000020: FB 43 61 6E-6E 6F 74 20-62 65 20 72-75 6E 20 69 vCannot be run i
00000030: 6E 20 44 4F-53 20 6D 6F-64 65 0A 24-40 00 00 00 n DOS mode?$@
00000040: 50 45 00 00-4C 01 01 00-16 CA 33 3F-00 00 00 00 PE L?? ?-3?
00000050: 00 00 00 00-E0 00 0F 01-0B 01 07 0A-00 60 00 00 a ?????? `
00000060: 00 00 00 00-00 00 00 00-60 10 00 00-00 10 00 00 `? ?

Count of sections 1 Machine Intel386
Symbol table 00000000[00000000]
Size of optional header 00E0 Magic optional header 010B
Linker version 7.10 OS version 4.00
Image version 0.00 Subsystem version 4.00
Entry point 00001060 Size of code 00006000
Size of init data 00000000 Size of uninit data 00000000
Size of image 00007000 Size of header 00001000
Base of code 00001000 Base of data 00007000
Image base 00400000 Subsystem GUI
Section alignment 00001000 File alignment 00001000
Stack 00100000/00001000 Heap 00100000/00001000
Checksum 00000000 ? Number of dirs 16


OS - WinXP Pro

1. C:\TEMP>cleanpe.exe scandir.exe -f 0 -z
CleanPE by snq/aardbei
Fill with 0 (00h)
-- user32.dll
-- kernel32.dll
-- comctl32.dll
Moving imports around a bit...
Done. Shit written to scandir.exe :)
C:\TEMP>


size -> the same (28672 bytes)

00000000: 4D 5A 46 69-6E 64 46 69-72 73 74 46-69 6C 65 41 MZFindFirstFileA
00000010: 00 43 72 65-61 74 65 54-68 72 65 61-64 00 53 65 CreateThread Se
00000020: 6E 64 4D 65-73 73 61 67-65 41 00 55-70 64 61 74 ndMessageA Updat
00000030: 65 57 69 6E-64 6F 77 00-00 00 00 00-40 00 00 00 eWindow @
00000040: 50 45 00 00-4C 01 01 00-4C 6F 61 64-43 75 72 73 PE L?? LoadCurs
00000050: 6F 72 41 00-E0 00 0F 01-0B 01 46 69-6E 64 4E 65 orA a ????FindNe
00000060: 78 74 46 69-6C 65 41 00-60 10 00 00-00 00 00 00 xtFileA `?
00000070: 00 00 00 00-00 00 40 00-00 10 00 00-00 10 00 00 @ ? ?
00000080: 00 00 00 00-00 00 00 00-04 00 00 00-00 00 00 00 ?
00000090: 00 70 00 00-00 10 00 00-00 00 00 00-02 00 00 00 p ? ?
000000A0: 00 00 10 00-00 00 10 00-00 00 10 00-00 00 10 00 ? ? ? ?
000000B0: 00 00 00 00-10 00 00 00-00 00 00 00-00 00 00 00 ?
000000C0: 60 60 00 00-50 00 00 00-52 65 67 69-73 74 65 72 `` P Register
000000D0: 43 6C 61 73-73 45 78 41-00 54 72 61-6E 73 6C 61 ClassExA Transla
000000E0: 74 65 4D 65-73 73 61 67-65 00 43 72-65 61 74 65 teMessage Create
000000F0: 57 69 6E 64-6F 77 45 78-41 00 00 00-00 00 00 00 WindowExA
00000100: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000110: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000120: 44 69 73 70-61 74 63 68-4D 65 73 73-61 67 65 41 DispatchMessageA
00000130: 00 44 65 66-57 69 6E 64-6F 77 50 72-6F 63 41 00 DefWindowProcA
00000140: 70 52 00 00-00 10 00 00-00 60 00 00-00 10 00 00 pR ? ` ?
00000150: 00 00 00 00-00 00 00 00-00 00 00 00-20 00 00 E0 a
00000160: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00

Count of sections 1 Machine Intel386
Symbol table 73727543[0041726F]
Size of optional header 00E0 Magic optional header 010B
Linker version 70.10 OS version 0.00
Image version 0.00 Subsystem version 4.00
Entry point 00001060 Size of code 654E646E
Size of init data 69467478 Size of uninit data 0041656C
Size of image 00007000 Size of header 00001000
Base of code 00000000 Base of data 00000000
Image base 00400000 Subsystem GUI
Section alignment 00001000 File alignment 00001000
Stack 00100000/00100000 Heap 00100000/00100000
Checksum 00000000 Number of dirs 16

C:\TEMP\scandir>Doesn't work
Error message:
"Only part of a ReadProcessMemory or
WriteProcessMemory request was completed"



2. C:\TEMP>cleanpe.exe scandir.exe -j -i -z
CleanPE by snq/aardbei
Done. Shit written to scandir.exe :)
C:\TEMP>

size -> the same (28672 bytes)
00000000: 4D 5A 00 00-00 00 00 00-00 00 00 00-00 00 00 00 MZ
00000010: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000020: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000030: 00 00 00 00-00 00 00 00-00 00 00 00-40 00 00 00 @
00000040: 50 45 00 00-4C 01 01 00-00 00 00 00-00 00 00 00 PE L??
00000050: 00 00 00 00-E0 00 0F 01-0B 01 00 00-00 00 00 00 a ????
00000060: 00 00 00 00-00 00 00 00-60 10 00 00-00 00 00 00 `?
00000070: 00 00 00 00-00 00 40 00-00 10 00 00-00 10 00 00 @ ? ?
00000080: 00 00 00 00-00 00 00 00-04 00 00 00-00 00 00 00 ?
00000090: 00 70 00 00-00 10 00 00-00 00 00 00-02 00 00 00 p ? ?
000000A0: 00 00 10 00-00 00 10 00-00 00 10 00-00 00 10 00 ? ? ? ?
000000B0: 00 00 00 00-10 00 00 00-00 00 00 00-00 00 00 00 ?
000000C0: 60 60 00 00-50 00 00 00-00 00 00 00-00 00 00 00 `` P
000000D0: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00

Count of sections 1 Machine Intel386
Symbol table 00000000[00000000]
Size of optional header 00E0 Magic optional header 010B
Linker version 0.00 OS version 0.00
Image version 0.00 Subsystem version 4.00
Entry point 00001060 Size of code 00000000
Size of init data 00000000 Size of uninit data 00000000
Size of image 00007000 Size of header 00001000
Base of code 00000000 Base of data 00000000
Image base 00400000 Subsystem GUI
Section alignment 00001000 File alignment 00001000
Stack 00100000/00100000 Heap 00100000/00100000
Checksum 00000000 Number of dirs 16

C:\TEMP\scandir> this one works but I prefer my DOS stub (see above)


3. C:\TEMP>cleanpe.exe scandir.exe -j -i -z -c
CleanPE by snq/aardbei
Done. Shit written to scandir.exe.com :)
C:\TEMP\>

size -> two bytes bigger then mine (28674 bytes)
because writes two additional trailing zeroes at the end of the file
(imho, it is an error because when you insert two bytes at the beginning
E8 07 -> i.e. jmp 09 you must recompute all and if you have two trailing bytes
at the end just delete them. I'm wondering what will be if you haven't two
trailing zeroes at the end)
00006FF0: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00007000: 00 00

00000000: EB 07 4D 5A-2E 65 78 65-00 B4 4A B7-10 CD 21 BD d?MZ.exe ?J+?-!+
00000010: 02 01 B4 3C-8B D5 33 C9-CD 21 8B D8-B9 00 70 B4 ???<?+3+-!?+? p?
00000020: 40 8B D5 CD-21 B4 3E CD-21 B4 4B 8B-D5 8B DD CD @?+-!?>-!?K?+??-
00000030: 21 32 ED B4-41 8B D5 CD-21 E2 F8 C3-00 00 40 00 !2f?A?+-!G?+ @
00000040: 00 00 50 45-00 00 4C 01-01 00 00 00-00 00 00 00 PE L??
00000050: 00 00 00 00-00 00 E0 00-0F 01 0B 01-00 00 00 00 a ????
00000060: 00 00 00 00-00 00 00 00-00 00 60 10-00 00 00 00 `?
00000070: 00 00 00 00-00 00 00 00-40 00 00 10-00 00 00 10 @ ? ?
00000080: 00 00 00 00-00 00 00 00-00 00 04 00-00 00 00 00 ?

C:\TEMP\>scandir.com -> this one works too but doesn't exit properly
(doesn't close the DOS screen) and I prefer my DOS stub (see above)


4.C:\TEMP>cleanpe.exe scandir.exe -j -z
CleanPE by snq/aardbei
-- user32.dll
-- kernel32.dll
-- comctl32.dll
Done. Shit written to scandir.exe :)
C:\TEMP>

size -> the same (28672 bytes)
00000000: 4D 5A 00 00-00 00 00 00-00 00 00 00-00 00 00 00 MZ
00000010: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000020: 00 00 00 00-00 00 00 00-00 00 00 00-00 00 00 00
00000030: 00 00 00 00-00 00 00 00-00 00 00 00-40 00 00 00 @
00000040: 50 45 00 00-4C 01 01 00-00 00 00 00-00 00 00 00 PE L??
00000050: 00 00 00 00-E0 00 0F 01-0B 01 00 00-00 00 00 00 a ????
00000060: 00 00 00 00-00 00 00 00-60 10 00 00-00 00 00 00 `?

C:\TEMP\scandir> this one works but I prefer my DOS stub (see above)

5. C:\TEMP>cleanpe.exe
CleanPE by snq/aardbei
Usage: cleanpe bla.exe [options]
Options:
-m [XX] Move PE header to offset XX
XX must be a multiple of 16. Default is don't move at all
With only -m as a param, XX defaults to 64
Note some values under 64 will work, but not all. 12 is the lowest.
[B] -f XX Fill bullshit header data with ascii code XX. Default: 0 [/B]
-s XX Specify stub size. Default: 64
-i Don't optimize import table
-j Don't move imports to unused header space
-z Don't remove trailing zeroes from the file
-c Insert COM stub.. Rules :) Note: max orig EXE size is around 63k!
-o XXX Output to file XXX


C:\TEMP>cleanpe.exe scandir.exe -f 33
Program crash

C:\TEMP>cleanpe.exe scandir.exe -f stub.exe
Program crash

C:\TEMP>cleanpe.exe scandir.exe -f c:\temp\stub.exe
Program crash


I'm wondering how to use this option


6.Ok, let's try without trailing zeroes
C:\TEMP>cleanpe.exe scandir.exe -i -j
CleanPE by snq/aardbei
Done. Shit written to scandir.exe :)

C\TEMP>scandir.exe

Error:
"C:\TEMP\SCANDIR.EXE is not a valid Win32 application"

From DOS screen:
C:\TEMP>scandir.exe
Error:
Access denied


Regards,
Lingo
Posted on 2003-08-20 20:26:52 by lingo12
Lingo12,

Thanks for that report :)

First about the StrStri.. I quote from my MSDN:
LPTSTR StrStrI(
LPCTSTR lpFirst,
LPCTSTR lpSrch
);
Requirements
Version 4.71 and later of Shlwapi.dll
Windows NT/2000: Requires Windows 2000 (or Windows NT 4.0 with Internet Explorer 4.0 or later).
Windows 95/98: Requires Windows 98 (or Windows 95 with Internet Explorer 4.0 or later).
Header: Declared in shlwapi.h.
Import Library: shlwapi.lib.

So I don't understand why it wouldn't work unless you don't have IE4 (which I think comes standard with WinME?).


I found out earlier today that I'm filling some header space that is ignored in win2k (which I run) but not in winxp. I don't have an XP machine around here so it'll have to wait. On XP that particular field can be set to 0, but apparently not to an arbitrary value. Now I just need to find out which field it is :/

This is also why the import moving makes things crash on winxp.
If don't use -z and -j (or -i), the exe will actually get a bit smaller :)
Using the -z switch will never make the exe smaller without help of an exe packer like UPX (or aPack if you use the -c switch)

I'll make an option to preserve your own dos stub ;) I actually had it before (the -s XX option) but I seem to have bugged it :)

Using the -c switch allows you to compress the file with a DOS exe packer, so you compress the whole exe, also the imports. Well, everything. So yes, it does get 2 bytes bigger, but run it through aPack and compare the size with what UPX made of it. This option is actually not that useful if you're not suffering from severe size limits like when coding a 4k intro like I'm doing.. I'm gonna have to fix that stub too I guess.. I got some bytes left tho ;) This version of the stub pretty much assumes all registers are 0 on start. On win2k they are, but I don't know about other OSs.

The rest probably resulted in crashes because of that thing with the header being overwritten..

As I said it's very very beta and all I care about right now is that it starts working decent with my own exes..
But thanks for giving me an other exe to test with and for the effort of testing!
Posted on 2003-08-20 21:21:24 by snq