I am using asm and ld on a Linux box.  The program works fine as long
as the "mov , dl" is commented out.  I'm just trying to change
the "X" to a "Y".

But when I uncomment that line out, the program has a segmentation
fault.  I can't figure out what the problem is.

Could somebody please clue me in?

Thank you.


global _start

_start:
xor eax, eax            ; zero the registers used below
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp short string        ; jump forward to the call that pushes the string's address

code:
pop ecx                 ; ecx = return address pushed by "call code", i.e. the start of the string
mov edx, 89             ; 89 = ASCII 'Y'
;mov , dl               ; intended to overwrite the 'X' in the string with dl
xor edx, edx
mov dl, 10              ; length of 'Testing X' plus the newline
mov bl,1                ; fd 1 = stdout
mov al,4                ; sys_write
int 0x080
dec bl                  ; exit status 0
mov al,1                ; sys_exit
int 0x80

string:
call code               ; pushes the address of the bytes that follow it
db 'Testing X', 0x0A
Posted on 2007-03-30 15:29:25 by mail1457212
Probably a base and index problem.

bp bx are base (+index)
si di are index

try

mov , dl

kinda thing.

Posted on 2007-03-30 20:28:38 by eek

Probably a base and index problem.

bp bx are base (+index)
si di are index

try

mov , dl

kinda thing.

Are you able to tell me exactly what changes I should make to my program?

Thank you.
Posted on 2007-03-30 21:24:38 by mail1457212
Seems that you are trying to write to data embedded in a text/code section... a section which is normally read-only in order to prevent code corruption, as well as the prevention of malicious code injection/execution.

Try moving your data into a data section "" and address it properly.
Posted on 2007-03-30 21:49:20 by SpooK
SpooK, I changed my program and it still doesn't work unfortunately.

When I attach gdb to it and run it, it only gives me a generic
"Program received signal SIGSEGV, Segmentation fault."
error.  I wish gdb was more helpful.

Thank you for any help.


global _start

_start:
xor eax, eax
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp short string

code:
pop ecx
mov edx, 89
mov , dl
xor edx, edx
mov dl, 10
mov bl,1
mov al,4
int 0x080
dec bl
mov al,1
int 0x80

string:
call code

section _data:
db 'Testing X', 0x0A
Posted on 2007-03-30 21:56:29 by mail1457212
My apologies for being imprecise.

Once your object file (probably AOUT or ELF) is linked into an executable binary image, different sections are usually loaded at different memory locations... and some linkers actually round sections to a size that the memory management can more efficiently address.

Your brain and your eyes tell you that you are addressing the data section, but in reality, your code still attempts to write to the text/code section. Linux is just protecting itself, as it was designed to, by seg faulting the violating process at the first sign of trouble... as should happen with any properly developed operating system.

Please Google for information on object/binary formats and address relocations. It should help you understand further, what I have merely touched upon in this post.

In the meantime, simply give your data a "label" and address that label directly...


...
mov BYTE,dl
...
TestData db 'Testing X',0x0A
...


PS: Using that kind of simplistic means to retrieve the IP/EIP can be flagged as "malicious" by certain virus/malware scanners. In the practice of standard application development, one should avoid attempting to ascertain the value of the EIP along with making assembly/compile-time calculations of things that are changed dynamically by the linker... too many people have used these methods to do some "not so nice" things ;)
Posted on 2007-03-30 22:17:07 by SpooK
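To show the whole program in the form SpooK describes, here is an added example (not code from any poster in this thread): the string is moved into a writable `.data` section under a label, the byte is patched through that label instead of through an address recovered with the jmp/call/pop trick, and the write and exit system calls are issued as before. It assumes NASM syntax on 32-bit Linux, that the thread's `section _data:` was meant to be NASM's `section .data`, and that the `X` sits at offset 8 in `'Testing X'`; the label name `TestData` is taken from SpooK's snippet, the length symbol `TestLen` is an assumption of this example.

```nasm
; Added example, not from the thread. Build and run (assumed commands):
;   nasm -f elf32 testing.asm -o testing.o
;   ld -m elf_i386 testing.o -o testing
;   ./testing            ; prints "Testing Y"
;
; The original program stored the string inside .text (read-only, r-x) and
; wrote to it, so the kernel delivered SIGSEGV. Here the string lives in
; .data, which the loader maps read-write, so the same store succeeds.

section .data
TestData    db 'Testing X', 0x0A     ; the message; 'X' is at offset 8 (assumption)
TestLen     equ $ - TestData         ; 10 bytes: 9 characters plus the newline

section .text
global _start

_start:
    mov dl, 89                       ; 89 = ASCII 'Y', as in the original listing
    mov byte [TestData + 8], dl      ; patch the 'X'; the linker resolves TestData

    ; write(1, TestData, TestLen)
    mov eax, 4                       ; sys_write
    mov ebx, 1                       ; fd 1 = stdout
    mov ecx, TestData                ; address comes from the label, not from pop ecx
    mov edx, TestLen
    int 0x80

    ; exit(0)
    mov eax, 1                       ; sys_exit
    xor ebx, ebx                     ; status 0
    int 0x80
```

Two things changed relative to the thread's second listing. First, the address of the string is taken from a label that the linker relocates, so the code no longer depends on where `call code` happens to leave its return address once the data has been moved out of `.text`. Second, the section is named `.data`, the section NASM emits as writable in ELF output; a section with an unexpected name is not guaranteed to be placed in a writable mapping. If the store is still refused after these changes, `readelf -S testing` shows which section the label landed in and whether that section carries the `W` flag.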