...but when someone does something AND expects others to do it their way...


I totally agree, that's why I mentioned the C++ language nazis. I have not seen much 'everyone should do it my way' here. I think for an HLL like C++ it is easier for those people to be made. The compiler is like a dull child, you explain slowly and explicitly to the child how to do something. So if someone gets good at explaining how to do things to the child, they sometimes get overzealous and think that they know the BEST way to talk to the child. Unfortunately HLLs kind of encourage this kind of behavior, because there is only so much latitude in how you can tell a dull child what to do:grin:

Nan, did you try making a release build of that program? I've found that optimized builds will sometimes condense the variables. VC7 does a good job of optimizing, with some help from me:cool:, it does a better job.
Posted on 2002-06-01 06:32:24 by ThoughtCriminal
buliaNaza,

Thanks a lot. I just needed to see... I am using a hook and now it is giving me problems because I see stuff left over from whatever in my ECX and EDX even when I XOR all over the place....I mean ALL OVER the PLACE...

There will surely be a lot I will learn from your example and this post.

Thanks again


Posted on 2002-06-01 22:41:57 by cmax
Hi,

"Some of the assumptions here fascinate me,"

and here is the top of stupidity::grin:

"...without decompiling every windows API function, you have no way of knowing which registers they do or do not use so the ONLY choice is to observe the arbitrary convention for Windows coding which is to preserve EBX ESI & EDI and ESP and EBP if you handle the stack manually.":) :) :)
Posted on 2002-06-06 22:26:49 by buliaNaza
What an interesting view, it appears that BuliaNaza is the only person on the planet who does not have to protect the registers that are used by API calls.

Who cares if Microsoft publish their convention for what registers need to be preserved if you write a procedure that interacts with API calls ?

Perhaps you could share this piece of genius with us where the vendor of the operating system does not know what they are talking about. :)

Regards,

hutch@movsd.com
Posted on 2002-06-07 02:39:52 by hutch--


A1: I use

;Start:
;invoke GetModuleHandle, 0 ; slow
;mov hInstance, eax
;........
;........
;End Start

Start:
mov esi, offset Start ; faster
and esi, 0FFFF0000h
.....
.....

A2:
.DATA
hInstance dd offset Start
.CODE

Start:
and hInstance, 0FFFF0000h





I won't use this bloat code. :grin:



.data
hInstance dd 400000h


That's it. If I need to modify it for future Windows versions, I can earn a lot of "technical support" money from my customers :)
Posted on 2002-06-07 04:38:38 by bazik
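The hInstance shortcuts in the posts above (masking `offset Start` with `0FFFF0000h`, and the hard-coded `400000h`) each depend on values recorded in the executable's PE header. The following C code is an added example, not code from any poster in this thread; it reads those header fields and reports which shortcut holds. The names `check_shortcuts`, `make_sample` and `hinst_report` are hypothetical, and it assumes a PE32 image whose `Start` label is the entry point.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example: PE32 header fields that decide whether the thread's
   hInstance shortcuts hold. Offsets follow the PE/COFF layout. */
typedef struct {
    uint32_t image_base, entry_rva;
    int relocatable;    /* relocation table kept: loader may pick another base */
    int mask_ok;        /* (offset Start and 0FFFF0000h) equals the load base  */
    int hardcoded_ok;   /* the constant 400000h always equals the load base    */
} hinst_report;

static uint32_t rd32(const uint8_t *p)
{ return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24); }

/* Returns 0 on success, -1 if buf does not hold a PE32 header. */
int check_shortcuts(const uint8_t *buf, size_t len, hinst_report *r)
{
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    uint32_t pe = rd32(buf + 0x3C);               /* e_lfanew */
    if (pe > len || len - pe < 4 + 20 + 32) return -1;
    if (memcmp(buf + pe, "PE\0\0", 4) != 0) return -1;
    const uint8_t *coff = buf + pe + 4, *opt = coff + 20;
    if ((opt[0] | (opt[1] << 8)) != 0x10B) return -1;   /* PE32 magic */
    r->entry_rva   = rd32(opt + 16);              /* AddressOfEntryPoint */
    r->image_base  = rd32(opt + 28);              /* ImageBase */
    r->relocatable = !(coff[18] & 0x01);          /* IMAGE_FILE_RELOCS_STRIPPED clear */
    r->mask_ok      = r->entry_rva < 0x10000u;    /* Start inside first 64 KB */
    r->hardcoded_ok = r->image_base == 0x400000u && !r->relocatable;
    return 0;
}

/* Constructed sample header (not a real file): only the fields read above. */
size_t make_sample(uint8_t *b, uint32_t base, uint32_t entry, uint8_t chars)
{
    memset(b, 0, 0x100);
    memcpy(b, "MZ", 2);            b[0x3C] = 0x40;
    memcpy(b + 0x40, "PE\0\0", 4); b[0x44 + 18] = chars;
    b[0x58] = 0x0B; b[0x59] = 0x01;
    for (int i = 0; i < 4; i++) {
        b[0x58 + 16 + i] = (uint8_t)(entry >> (8 * i));
        b[0x58 + 28 + i] = (uint8_t)(base  >> (8 * i));
    }
    return 0x100;
}

int main(void)
{
    uint8_t img[0x100]; hinst_report r;
    check_shortcuts(img, make_sample(img, 0x400000, 0x1000, 0x01), &r);
    printf("mask_ok=%d hardcoded_ok=%d\n", r.mask_ok, r.hardcoded_ok);
    return 0;
}
```

The mask survives a change of load base because `offset Start` is fixed up along with the rest of the image; the constant `400000h` is not.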
Hutch--, does not the API preserve all registers except EAX, EDX and ECX? It certainly depends on your view. buliaNaza is looking from one side of the interface and you're looking from the other. :grin:
Posted on 2002-06-07 05:28:52 by bitRAKE
Hi, bitRAKE
:grin:
"It certainly depends on your view"
It is wrong... "It certainly DOES NOT depend on his view"
;)I'm not a moderator ergo I am free of obligation to tolerate stupidity and incompetence in any form...regardless of author's age and hierarchic position...

bAZiK,
of course you can use what you want...;)
Posted on 2002-06-07 08:15:41 by buliaNaza
buliaNaza, maybe you will write all your programs without interfacing the messaging system of Windows, but I seriously doubt it and that is part of the API. I am an ox and will bear the burden of tolerance - even of you. ;)
Posted on 2002-06-07 08:32:22 by bitRAKE
What is this?
"...without interfacing the messaging system of windows, ..."

I use GetMessage API and I can include DispatchMessage and other API too... without preserving of registers...;)
Posted on 2002-06-07 08:51:08 by buliaNaza
buliaNaza, do you have ANY procedure called by windows?
Posted on 2002-06-07 08:55:57 by bitRAKE
Of course..;)
Posted on 2002-06-07 09:12:49 by buliaNaza
buliaNaza, ...and what registers must you preserve in those procedures? You know timer/window procs and such...
Posted on 2002-06-07 09:21:28 by bitRAKE
am i missing something? this is normal win32 code.
you only have to save those regs in callbacks if you
use them right? so buliaNaza decided to NOT use them.
btw this code is more than messy, what in the hell
are you doing there, what's up with the X+0+0+2-2
style-calculations? you could do this in a clean way
(but still without pe-imported api's) with 70% fewer lines.
Posted on 2002-06-07 09:36:19 by mob
Put these in the WndProc procedure directly after the entry address to the procedure and see what happens.


; instant crash
mov esi, 12345678
mov edi, 12345678
mov ebx, 12345678

; ; nothing happens
; mov eax, 12345678
; mov ecx, 12345678
; mov edx, 12345678

Regards,

hutch@movsd.com
Posted on 2002-06-07 09:51:22 by hutch--
mob, you are correct. I'm just trying to help buliaNaza understand the interface - which he is already aware of. :)
Posted on 2002-06-07 09:53:13 by bitRAKE

Put these in the WndProc procedure directly after the entry address to the procedure and see what happens.


and your point? even one week asm newbies know that.
and i expect that buliaNaza knows that too... *confused*
Posted on 2002-06-07 09:54:35 by mob
"Put these in the WndProc procedure directly after the entry address to the procedure and see what happens."

Put these in my example where you want and see what happens...


mov esi, 12345678
mov edi, 12345678
mov ebx, 12345678
;)
Posted on 2002-06-07 10:53:40 by buliaNaza
it didn't show any text now and it wasn't able to terminate.
strange thing that it didn't crash completely... Must be win2k.
(i tried it out with icz's windows example and it didn't crash either)
i bet on hutch's win95b box it'll raise the whole system down in
the deep dark hole known as the 'blue screen' or even
worse the 'black screen' :)
Posted on 2002-06-07 11:28:44 by mob
mob,
for you and for other people here it is the newbie version
of the example ("for easy reading")...but I hate this style of assembly!
.386 ; minimum processor needed for 32 bit

.model flat, stdcall ; FLAT memory model & STDCALL calling
option casemap :none ; set code to case sensitive

include c:\masm32\include\windows.inc
include c:\masm32\include\user32.inc
include c:\masm32\include\gdi32.inc
include c:\masm32\include\kernel32.inc
includelib c:\masm32\lib\user32.lib
includelib c:\masm32\lib\gdi32.lib
includelib c:\masm32\lib\kernel32.lib

.data
szDisplayName db "Test",0
szClassName db "Test_Class",0
szTest db "I don't want to feel guilty if my programs"
db " don't start with :",13,10
db " Start:",13,10
db " invoke GetModuleHandle,NULL",10,13
db " mov hInstance, eax",10,13
db " invoke WinMain,eax,0,0,0",10,13
db " invoke ExitProcess,eax",10,13
db " END Start",0
szConfirm db "Please Confirm Exit",0
hWnd dd ?
dStack dd ?
wc WNDCLASSEX <>
msg MSG <>
ps PAINTSTRUCT <>
rect RECT <>

.code
start:
mov esi, offset start ; instance handle
mov dStack, esp ; save the stack
and esi, 0FFFF0000h ; esi->instance handle
mov wc.cbSize, sizeof WNDCLASSEX
mov wc.style, CS_HREDRAW or CS_VREDRAW \
or CS_BYTEALIGNWINDOW
mov wc.lpfnWndProc, offset WndProc
mov wc.cbClsExtra, NULL
mov wc.cbWndExtra, NULL
mov wc.hInstance, esi ; esi->instance handle
mov wc.hbrBackground, COLOR_BTNFACE+1
mov wc.lpszMenuName, NULL
mov wc.lpszClassName, offset szClassName
invoke LoadIcon, NULL, IDI_APPLICATION
mov wc.hIcon, eax
invoke LoadCursor, NULL,IDC_ARROW
mov wc.hCursor, eax
mov wc.hIconSm, 0
invoke RegisterClassEx, ADDR wc
invoke CreateWindowEx, WS_EX_OVERLAPPEDWINDOW,
ADDR szClassName,
ADDR szDisplayName,
WS_OVERLAPPEDWINDOW or WS_VISIBLE,
100,100,500,350,
NULL,NULL,
esi, NULL ; esi->instance handle
;...............................................;
WndProc: ;
cmp esp, dStack ;
jz WinGetMessage ;
;
mov esi, 12345678h ; for Hutch
mov edi, 12345678h ; for Hutch
mov ebx, 12345678h ; for Hutch
mov ebp, 12345678h ; for Hutch
WinMain: ;
mov eax, [esp+8] ; eax->uMsg
cmp eax, WM_CLOSE ;
je OnDestroy ;
cmp eax, WM_PAINT ;
je OnPaint ;
cmp eax, WM_CREATE ;
je OnCreate ;
jmp DefWindowProc ; call API
WinMainExit: ;
mov esp, dStack ; clear the stack
WinGetMessage: ;
mov esi, 12345678h ; for Hutch
mov edi, 12345678h ; for Hutch
mov ebx, 12345678h ; for Hutch
mov ebp, 12345678h ; for Hutch
; homework for you
lea eax, [esp-(4+0)*4] ; loading auto stack
mov [esp-(5+0)*4], offset WndProc ; return -> WndProc
mov dword ptr [esp-(6+0)*4], 0 ; zeros are parameters
mov dword ptr [esp-(7+0)*4], 0 ; of GetMessage
mov dword ptr [esp-(8+0)*4], 0 ;
mov [esp-(9+0)*4], eax ; eax-> offset MSG struct
mov [esp-(10+0)*4], offset WinMain ; return-> WinMain
sub esp, (10+0)*4 ;
jmp GetMessage ; call API
;...............................................;
OnCreate: ;
mov eax, [esp+4] ; hwnd
mov hWnd, eax ;
jmp DefWindowProc ;
OnDestroy: ;
invoke MessageBox,hWnd, \ ;
ADDR szConfirm, \ ;
ADDR szDisplayName,\ ;
MB_YESNO ;
.if eax == IDNO ;
jmp WinMainExit ; loop again
.endif ;
jmp ExitProcess ; Exit
OnPaint: ;
invoke BeginPaint, hWnd, ADDR ps ;
mov esi,eax ; esi->hDC
invoke GetClientRect,hWnd, ADDR rect ;
invoke DrawText, esi, ADDR szTest,-1,\ ; esi->hDC
ADDR rect, DT_VCENTER ;
invoke EndPaint, hWnd, ADDR ps ;
jmp DefWindowProc ;
;...............................................;
end start

;)
Posted on 2002-06-07 16:13:19 by buliaNaza
This code:
.data

wc WNDCLASSEX <>
.code
mov wc.cbSize, sizeof WNDCLASSEX
mov wc.style, CS_HREDRAW or CS_VREDRAW \
or CS_BYTEALIGNWINDOW
mov wc.lpfnWndProc, offset WndProc
mov wc.cbClsExtra, NULL
mov wc.cbWndExtra, NULL
mov wc.hInstance, esi ; esi->instance handle
mov wc.hbrBackground, COLOR_BTNFACE+1
mov wc.lpszMenuName, NULL
mov wc.lpszClassName, offset szClassName
invoke LoadIcon, NULL, IDI_APPLICATION
mov wc.hIcon, eax
invoke LoadCursor, NULL,IDC_ARROW
mov wc.hCursor, eax
mov wc.hIconSm, 0
can be replaced by:
.data

wc WNDCLASSEX <SIZEOF WNDCLASSEX, CS_HREDRAW or CS_VREDRAW or CS_BYTEALIGNWINDOW, OFFSET WndProc, 0,0,0,0,0,COLOR_BTNFACE+1,0, offset szClassName, 0>
.code
mov wc.hInstance, esi ; esi->instance handle
invoke LoadIcon, NULL, IDI_APPLICATION
mov wc.hIcon, eax
invoke LoadCursor, NULL,IDC_ARROW
mov wc.hCursor, eax
Posted on 2002-06-07 16:31:00 by bitRAKE