How can I get the char at a specific position of a string?


eax is filled with the string "This is a teststring."

Now, how can I load another register with the char at position 8 of this string?

Thanks for your help!
Posted on 2002-06-26 14:13:23 by Overflow
You mean eax is a pointer to string "This is a teststring."

mov dl, BYTE PTR [eax+8]


mov dl, [eax+8]
dl contains "a" assuming we start counting at 0.
Posted on 2002-06-26 14:22:39 by stryker
And if you are dealing with a Unicode string or BSTR, then double your offset, as each char takes 2 bytes. And make sure you change the typecast:

mov dx, WORD PTR [eax + 16]
Posted on 2002-06-26 18:03:19 by sluggy
No, I tried it with

Text db "blablablabla",0
Caption db "Caption",0

lea eax, Text
mov dl,
invoke MessageBox, NULL, eax, addr Caption, MB_OK

but the program only crashes. It's the same with

mov dl, BYTE PTR

I use WinXP. Can somebody help me?
Posted on 2002-06-27 15:49:52 by Overflow
Are you sure it crashed? Try this:

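.386                              ; .model flat needs a 386+ processor directive
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.data
buffer DB "Hello Cruel World", 0

.data?
charBufr DB 2 DUP(?)              ; one character plus a terminating zero

.code
start:
mov eax, OFFSET buffer            ; eax = pointer to the string
mov dl, BYTE PTR [eax+8]          ; load the byte at index 8
mov BYTE PTR [charBufr], dl       ; copy it into the output buffer
mov BYTE PTR [charBufr+1], 0      ; zero-terminate for MessageBox

invoke MessageBox, 0, OFFSET charBufr, 0, 0
invoke ExitProcess, 0

end start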
This will output u as our eighth character, assuming we start counting at 0.
Posted on 2002-06-27 17:46:06 by stryker
Well you used dl and maybe you didn't push/pop edx?
Posted on 2002-06-27 17:53:04 by Will


I found for a fact that Windows will allow PTR stuff to work when a WELL WRITTEN M32 style rip will not... So can you please sometimes show stuff NOT using PTR's to do it, or both possible ways when possible....

I may be wrong but I don't trust the underlying workings behind it now... Why must I have a far pointer within my own stuff in order for some things not so common "but SURELY feasible" by LAW of the lang *SHOULD WORK*.

PROOF, (and will prove it one day soon to all) I use one of your compare routines and it is the best in the world, IT NEVER MISSES, but I write M32.lib style code, and am damn good at it I KNOW and it MISSES in my main project .... but yours never ever does... so that makes me wonder suspiciously.

I LIVE to test my Sh*t for over 3 years now... That's why my questions get dumber and dumber. I have seen some really strange stuff that was mostly not my fault... I know I am not ready yet but I can SEE...

Just my 2cent and i thought you should know...
Posted on 2002-06-27 21:10:15 by cmax
hey cmax, could you explain what's m32 style code? I'm not sure if I fully understood your question. Anyway, just tell me if I didn't answer your question.

1. If you don't want to make a register act as a pointer to a memory address, you can do this.

mov dl, [buffer+8]
mov [charBufr], dl
mov [charBufr+1], 0
Since the original poster said that eax is a pointer to a string, that's why I made eax act as a pointer and not work directly with memory like I just did now.

2. You can remove the BYTE PTR typecast on the code above. I like typecasting, to explicitly say that I want to get this amount/size of data on a particular memory address.

Posted on 2002-06-27 21:53:01 by stryker

All I got to say is that is one MEAN piece of code and my 3 year project requires it NOW if I want it to run better than PERFECT, all because of using a hook and only your code RULES it ALL ... I wasted from the day you posted that code for me ...18 hours per day, starving like marvin, trying to do my standard hard code ALSO for testing and other examples posted but on my project nothing can touch it and that makes me wonder about PTR's..... Strange to me... That's why I post the news... So don't worry, just keep up the good work but be notified of what happened with me.... M32.... M32.lib code ... that is where I live and know how to get things going in the strangest ways... so I know I am right...

HUTCH Style Coding *THE CHEESE* and you KNOW that has ALWAYS worked for me but one slice of it will NOT work NOW but your PTR will. Now that is F**k Up but maybe KOOL all at the same time... But I like doing things MANUALLY.

Don't let me worry you, this is my problem for now until I can show it ....

I could not keep my mouth shut so now you know something about the effect of it I think.... I plan to try to understand it and if I get standard code to work you best believe I learned some sh** to do it. Let me shut up for now...... Please don't stop. I don't know how to word it...

Ps Posted on 2002-06-27 23:33:25 by cmax
Cmax, "ptr" is usually used as a size/type override for masm, it's
not like it generates some "magically different" opcodes.
"mov dl, byte ptr " is exactly the same as "mov dl, ".
Both will assemble correctly, as the operand size is implicit (yes,
masm *does* know that dl is byte-sized ;)).

The ptr override is necessary when you want to, say, store a constant
directly to a memory address that masm doesn't know the size
of. Like "mov byte ptr , 10" or "mov dword ptr , 42".
Masm cannot possibly know whether "10" or "42" should be interpreted
as a byte or a dword, and thus needs the size override in the form
of "datatype ptr".
Posted on 2002-06-28 00:49:26 by f0dder
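
A bounds-aware version of the fixed-offset loads discussed in this thread, added here as an example and not posted by any participant: `CharAtA`, `CharAtW` and `testStr` are hypothetical names, and the MASM32 include paths are the ones used earlier in the thread. It walks to the requested index and stops at the terminator, so a string shorter than the index is reported instead of read past its end.

```asm
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
.data
testStr DB "This is a teststring.", 0   ; constructed sample input
.code
; CharAtA (hypothetical): eax = byte at index idx of a NUL-terminated
; string, or -1 if the terminator comes first. Never reads past the NUL.
CharAtA PROC pStr:DWORD, idx:DWORD
    mov   edx, pStr
    xor   ecx, ecx                      ; ecx = current index
scanA:
    movzx eax, BYTE PTR [edx+ecx]       ; override required: eax does not imply source size
    cmp   ecx, idx
    je    doneA                         ; reached idx without passing the NUL
    test  eax, eax
    jz    shortA                        ; string ended before idx
    inc   ecx
    jmp   scanA
shortA:
    or    eax, -1
doneA:
    ret
CharAtA ENDP

; CharAtW (hypothetical): same walk over 2-byte characters, index scaled by 2.
CharAtW PROC pStr:DWORD, idx:DWORD
    mov   edx, pStr
    xor   ecx, ecx
scanW:
    movzx eax, WORD PTR [edx+ecx*2]     ; one 16-bit character per step
    cmp   ecx, idx
    je    doneW
    test  eax, eax
    jz    shortW
    inc   ecx
    jmp   scanW
shortW:
    or    eax, -1
doneW:
    ret
CharAtW ENDP
start:
    invoke CharAtA, OFFSET testStr, 8   ; index inside the string
    invoke CharAtA, OFFSET testStr, 100 ; index past the terminator
    invoke ExitProcess, 0
end start
```

Here the `BYTE PTR` and `WORD PTR` overrides are not optional, because a 32-bit destination register does not tell the assembler how wide the memory source of `movzx` is.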