Over the past 8 months I have been learning asm using TASM and have been flying through, writing little apps and having major success. Then bang, a wall appeared.

I started writing an app that was crashing for what appeared to be no reason. Then I found out (using ollydbg) that data was overwriting (the import table??)
eg: normal
0040113F  $-FF25 5C304000  JMP DWORD PTR DS:[<&USER32.DialogBoxPara>;  USER32.DialogBoxParamA
00401145  $-FF25 60304000  JMP DWORD PTR DS:[<&USER32.MessageBoxA>] ;  USER32.MessageBoxA
0040114B  $-FF25 68304000  JMP DWORD PTR DS:[<&KERNEL32.GetModuleHa>;  kernel32.GetModuleHandleA
00401157  .-FF25 70304000  JMP DWORD PTR DS:[<&KERNEL32.ExitProcess>;  kernel32.ExitProcess
0040115D  $-FF25 74304000  JMP DWORD PTR DS:[<&KERNEL32.CreateProce>;  kernel32.CreateProcessA

The craziness:
0040113F  $-FF25 5C304000  JMP DWORD PTR DS:[<&USER32.DialogBoxPara>; 
00401145  $-FF25 60304000  JMP DWORD PTR DS:[<&USER32.MessageBoxA>] ;
0040114B  $-FF25 68304000  JMP DWORD PTR DS:[<&KERNEL32.GetModuleHa>;
00401151  $-FF25 6C304000  JMP DWORD PTR DS:[<&KERNEL32.WriteProces>;
00401157  .-FF25 70304000  JMP DWORD PTR DS:[<&KERNEL32.ExitProcess>; 
0040115D  $-FF25 74304000  JMP DWORD PTR DS:[<&KERNEL32.CreateProce>;

It appears that I need to use the .model large, stdcall statement. This threw me a curve ball with loads of errors; finally I stuck P386 at the top and things were good until I linked it, throwing this crazy error:

Fatal: Bad loc for fixupp in module 'large.OBJ' near file offset d3

Meh. I wandered around the site and it was mentioned that this has something to do with 16-bit being mixed with 32-bit. The solution for the other fella was to change dx to edx.
I then threw together this bit of code which results in the above error:


P386
.model large, stdcall
extrn MessageBoxA : proc
.data
lol db "loool",0
.code
start:
call MessageBoxA, 0, offset lol, offset lol, 0
end start


Now here is a very vague question, sorry, what am I doing wrong? As far as I am aware there is no 16bit stuff in here, please correct me if I am wrong.

Cheers!!
Posted on 2009-05-18 14:14:06 by sidey1234
Isn't the import-table made read-only after DLLs have been linked?
Posted on 2009-05-18 14:17:05 by Ultrano
Pass. In the original program that I was having issues with it is enumservicesstatus, which uses max 64k, if that's of any use.
Posted on 2009-05-18 14:35:20 by sidey1234
I want you to keep in mind I've not arsed with TASM in years, I'm also running GNU/Linux right now so I have no way of testing if this works (it's all from memory) but I think that should actually look like this:


P386
.MODEL flat, stdcall
EXTERN MessageBoxA : proc
.DATA
lol db "loool",0
.code
start:
call MessageBoxA, 0, offset lol, offset lol, 0
end start


Sorry if that doesn't work; like I was saying, it's been about 12 years now since I've used TASM :oops:
Posted on 2009-05-19 21:27:07 by Synfire
loool ?
Posted on 2009-05-20 01:54:39 by Homer
Also, you'll want a call to ExitProcess if you don't want to run random garbage code :)
Posted on 2009-05-24 16:26:35 by f0dder
As a long-time TASM-programmer I try to avoid these special "model" declarations.
They can cause strange errors when linking with different libraries, because those libraries were compiled with another memory model.
Make sure that you use references to offsets properly and that your memory model fits the libraries you want to link with.
Besides it depends on the linker you are using. TLINK/ILINK is very buggy.
WLINK (by WATCOM) does a good job.

For 32-bit-Windows (e.g. MS-WINAPI) I use:


.586
.model flat,stdcall


For 16-bit-SoMeThInG (e.g. Borland-C) I use (near code, far data):


.586
.model use16 compact,stdcall

Posted on 2009-05-24 19:51:44 by TasmDev
guys,

cheers for all the comments. I have tried but still get the same problems, so I reduced my buffer down from 4000 bytes to 1000 and ran an iteration. Guess I was just being lazy :D
Posted on 2009-05-27 11:41:52 by sidey1234
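The following is an added example, not code posted in this thread. It pulls the thread's advice together in one 32-bit TASM program: the flat, stdcall model that TasmDev and Synfire describe, the ExitProcess call f0dder asks for, and the fixed-size buffer plus iteration that sidey1234 ended up with for EnumServicesStatus. The buffer size passed as cbBufSize is the same symbol that sizes the buffer, so the API can never be told the buffer is larger than it really is; writing past the end of a data buffer is how neighbouring data such as import thunks gets trampled, which is the symptom the first post shows. Assumptions: the imports resolve through an import library that exports these names undecorated (e.g. Borland's import32.lib with TLINK32), the Win32 constants are taken from the SDK headers, and BUFSIZE of 4000 is a constructed value echoing the thread.

```asm
.586
.model flat, stdcall

; Win32 imports (assumption: resolved by an import library such as import32.lib)
extrn OpenSCManagerA     : proc
extrn EnumServicesStatusA : proc
extrn CloseServiceHandle : proc
extrn GetLastError       : proc
extrn ExitProcess        : proc

; Win32 SDK constants
SC_MANAGER_ENUMERATE_SERVICE equ 00000004h
SERVICE_WIN32                equ 00000030h
SERVICE_STATE_ALL            equ 00000003h
ERROR_MORE_DATA              equ 234

; constructed size; one symbol both reserves the buffer and is passed as cbBufSize
BUFSIZE equ 4000

.data
hSCM         dd 0
bytesNeeded  dd 0              ; bytes still needed for the remaining entries
numReturned  dd 0              ; ENUM_SERVICE_STATUSA records placed in svcBuf this call
resumeHandle dd 0              ; must start at 0; advanced by the API between calls
svcBuf       db BUFSIZE dup (?)

.code
start:
    call OpenSCManagerA, 0, 0, SC_MANAGER_ENUMERATE_SERVICE
    test eax, eax
    jz   done                  ; no SCM handle: exit cleanly instead of running on
    mov  hSCM, eax

    mov  resumeHandle, 0
again:
    ; cbBufSize is BUFSIZE, exactly what svcBuf reserves; nothing past svcBuf can be written
    call EnumServicesStatusA, hSCM, SERVICE_WIN32, SERVICE_STATE_ALL, offset svcBuf, BUFSIZE, offset bytesNeeded, offset numReturned, offset resumeHandle
    ; at this point numReturned records sit in svcBuf; process them here,
    ; before the next iteration overwrites the buffer
    test eax, eax
    jnz  finished              ; nonzero return: all entries have been delivered
    call GetLastError
    cmp  eax, ERROR_MORE_DATA
    je   again                 ; buffer held only part of the list: fetch the next chunk
finished:
    call CloseServiceHandle, hSCM
done:
    call ExitProcess, 0        ; never let execution fall off the end of the code section
end start
```

The loop keeps the 4000-byte buffer and simply calls again while the API reports ERROR_MORE_DATA; bytesNeeded is only recorded here, but a program that wants a single call could use it to allocate a right-sized buffer and retry once.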