ok, problem solved :-D
thx to all

giacos
Posted on 2004-08-30 14:18:29 by giacos
Funny, but crash.exe doesn't crash on Win XP HE SP1. :)
Examining with OllyDbg:


00401000 >/$ 6A 00 PUSH 0 ; |/Style = MB_OK|MB_APPLMODAL
00401002 |. 6A 00 PUSH 0 ; ||Title = NULL
00401004 |. 68 00204000 PUSH crash.00402000 ; ||Text = "I'm going to call show_message..."
00401009 |. 6A 00 PUSH 0 ; ||hOwner = NULL
0040100B |. E8 2D000000 CALL <JMP.&USER32.MessageBoxA> ; |\MessageBoxA
00401010 |. 68 22204000 PUSH crash.00402022 ; |Arg1 = 00402022 ASCII "Hi from show_message PROC"
00401015 |. E8 07000000 CALL crash.00401021 ; \crash.00401021
0040101A |. 6A 00 PUSH 0 ; /ExitCode = 0
0040101C \. E8 16000000 CALL <JMP.&KERNEL32.ExitProcess> ; \ExitProcess
00401021 /$ C8 000000 ENTER 0,0
00401025 |. 6A 00 PUSH 0 ; /Style = MB_OK|MB_APPLMODAL
00401027 |. 6A 00 PUSH 0 ; |Title = NULL
00401029 |. FF75 0C PUSH DWORD PTR SS:[EBP+C] <---This should be [EBP+8] ; |Text
0040102C |. 6A 00 PUSH 0 ; |hOwner = NULL
0040102E |. E8 0A000000 CALL <JMP.&USER32.MessageBoxA> ; \MessageBoxA
00401033 |. C9 LEAVE
00401034 \. C2 0800 RETN 8
00401037 .-FF25 4C304000 JMP DWORD PTR DS:[<&KERNEL32.ExitProcess>] ; kernel32.ExitProcess
0040103D $-FF25 54304000 JMP DWORD PTR DS:[<&USER32.MessageBoxA>] ; USER32.MessageBoxA


During debugging with OllyDbg, change [EBP+C] to [EBP+8] and then the code will run without problem.
Posted on 2004-08-30 14:27:45 by Vortex
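
An added example, not part of the original posts: a toy C model of the stack around `CALL crash.00401021`, showing which dword the callee reads at `[EBP+8]` and at `[EBP+C]`, and where ESP ends up after `RETN n` when the caller pushed a single argument. `BASE` and `CALLER_DATA` are constructed values; the two code addresses are the ones in the listing above.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of the 32-bit stack (added example, not the thread's code). */
#define BASE        0x0012FFC0u  /* constructed: ESP before the caller's PUSH */
#define CALLER_DATA 0xDEADBEEFu  /* constructed: dword already on the caller's stack */
#define TEXT_PTR    0x00402022u  /* Arg1 from the listing */
#define RET_ADDR    0x0040101Au  /* instruction after the CALL in the listing */

typedef struct { uint32_t mem[8]; uint32_t esp, ebp; } Cpu;

/* Map a stack address (BASE and below) to its slot in the model. */
static uint32_t *slot(Cpu *c, uint32_t addr) { return &c->mem[(BASE - addr) / 4]; }
static void push(Cpu *c, uint32_t v) { c->esp -= 4; *slot(c, c->esp) = v; }
static uint32_t pop(Cpu *c) { uint32_t v = *slot(c, c->esp); c->esp += 4; return v; }

/* Replays PUSH arg / CALL / ENTER 0,0 / read [EBP+disp] / LEAVE / RETN n.
   Returns the dword read; *esp_after receives ESP once RETN has executed. */
uint32_t read_arg(uint32_t disp, uint32_t retn_bytes, uint32_t *esp_after)
{
    Cpu c = {0};
    uint32_t val;
    if (disp > 0xC) { *esp_after = BASE; return 0; }  /* outside the model */
    c.esp = BASE;
    *slot(&c, BASE) = CALLER_DATA;    /* belongs to the caller, not an argument */
    push(&c, TEXT_PTR);               /* PUSH crash.00402022 */
    push(&c, RET_ADDR);               /* near CALL pushes a 4-byte return address */
    push(&c, c.ebp); c.ebp = c.esp;   /* ENTER 0,0 = PUSH EBP / MOV EBP,ESP */
    val = *slot(&c, c.ebp + disp);    /* PUSH DWORD PTR SS:[EBP+disp] */
    c.esp = c.ebp; c.ebp = pop(&c);   /* LEAVE */
    (void)pop(&c);                    /* RETN pops the return address ... */
    c.esp += retn_bytes;              /* ... then discards n bytes of arguments */
    *esp_after = c.esp;
    return val;
}

int main(void)
{
    uint32_t esp, v;
    v = read_arg(0x8, 4, &esp);
    printf("[EBP+8], RETN 4: text=%08X ESP-BASE=%d\n", (unsigned)v, (int)(esp - BASE));
    v = read_arg(0xC, 8, &esp);
    printf("[EBP+C], RETN 8: text=%08X ESP-BASE=%d\n", (unsigned)v, (int)(esp - BASE));
    return 0;
}
```

With a near call and one pushed dword, `[EBP+0]` holds the saved EBP, `[EBP+4]` the return address and `[EBP+8]` the argument, so `[EBP+C]` hands MessageBoxA whatever the caller's stack happened to contain.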

An assembler is as good as the man behind it

True


and, moreover, they don't make a difference at all after the first 6 months.

Here I don't agree completely - for instance, some of the things you can do with FASM would be hard with TASM or MASM (like having everything in one PE section, *and* having imports located as the first thing in this section), and other assemblers have other strong features (i.e., GoASM has strong Unicode support, and doesn't require import libraries).
Posted on 2004-09-01 04:12:38 by f0dder
In TASM, you must use the ARG directive, like this:

(...)
PUSH OFFSET explorer
CALL OPEN_PROGRAM
(...)

OPEN_PROGRAM PROC
ARG svPath:DWORD

PUSH MB_OK       ; uType
PUSH 0           ; lpCaption = NULL
PUSH [svPath]    ; lpText: the argument declared with ARG above
PUSH 0           ; hWnd = NULL
CALL MessageBoxA

RET
OPEN_PROGRAM ENDP


I prefer to PUSH the parameters, but you can change that if you don't like it. You don't need to use NEAR or FAR, since in 32-bit programming there is only one thing: a whole flat memory.
Posted on 2004-09-01 19:46:00 by Marginais
For me anyway, TASM 5.2 acts weird: using procs without the pascal directive, 'proc's don't generate a stack frame, and I have to manually enter/leave.
Posted on 2004-09-02 16:25:24 by Drocon
'proc's don't generate a stack frame, and i have to manually enter/leave.



In TASM 5+, you don't need to use enter/leave. ARG does the whole job automatically. Only in TASM for DOS must you manually create the stack frame for ARG to work.
Posted on 2004-09-02 21:40:14 by Marginais