x64 Input question

vogelsang · September 24, 2013, 10:26:25 PM

I have written x64 code, that takes input from user it is based on masm32 StdIn procedure(watched it under olly). I have complied it with ml64 and it works but i'm not sure is everything fine. I don't know system inside. I need to be certain, that it's OK. Could some one look at it?

Code Select


includelib 	/masm64/lib/kernel32.lib
includelib	/masm64/lib/user32.lib

WriteConsoleA 	proto :ptr, :ptr, :dword, :ptr, :dword
ReadConsoleA 	proto :ptr, :ptr, :dword, :ptr, :dword
GetStdHandle  	proto :dword
ExitProcess   	proto :dword
SetConsoleMode	proto :dword, :dword
ReadFile	proto :dword, :dword,  :dword, :dword

STD_OUTPUT_HANDLE 	equ -11
STD_INPUT_HANDLE	equ -10

.data
tMsg		db "Hello x64 world",13,10
.data?
btText		db 4 dup (?)
hStdOut		dq ?
hStdIn		dq ?
qWritten	dq ?
qRead		dq ?
.code
start proc
	mov	rax, 1
	mov	rax,2

	mov	rcx, STD_OUTPUT_HANDLE
	call	GetStdHandle
	mov	hStdOut, rax

	mov	rcx, rax
	mov	rdx, offset tMsg
	mov	r8, lengthof tMsg
	mov	r9, offset qWritten
	mov	qword ptr [rsp + 8 * 4], 0
	call	WriteConsoleA

	mov	rcx, STD_INPUT_HANDLE
	call	GetStdHandle
	mov	hStdIn, rax

	mov	rcx, rax
	mov	rdx, 7				;ENABLE_ECHO_INPUT or ENABLE_LINE_INPUT or ENABLE_PROCESSED_INPUT
	call	SetConsoleMode

	mov	rcx, hStdIn
	mov	rdx, offset btText
	mov	r8, sizeof btText
	mov	r9, offset qRead
	mov	qword ptr [rsp + 8 * 4], 0	;Is it fifth proc arg??? 
	call	ReadFile

	mov	rcx, hStdOut
	mov	rdx, offset btText
	mov	r8, sizeof btText
	mov	r9, offset qWritten
	mov	qword ptr [rsp + 8 * 4], 0
	call	WriteConsoleA

	xor	rcx, rcx
	call	ExitProcess

start endp
end

and other question:

mov qword ptr [rsp + 8 * 4], 0

is it fifth arg of WriteConsoleA?

thanks in advance

qWord · September 24, 2013, 11:02:11 PM

The allocation of the 5 stack arguments + alignment is missing. Also the prototypes are formally wrong: the handles are declared as DWORDs, instead of QWORDs. The rest look OK.

Other thoughts: XOR ECX,ECX == XOR RCX,RCX , the first one is shorter and formal correct.
EDIT: the same for some other moves. e.g. mov rcx, STD_OUTPUT_HANDLE

vogelsang · September 24, 2013, 11:17:11 PM

Quote
Other thoughts: XOR ECX,ECX == XOR RCX,RCX , the first one is shorter and formal correct.
EDIT: the same for some other moves. e.g. mov rcx, STD_OUTPUT_HANDLE

that means that for function is important low half of e.g. RCX not the whole reg?

qWord · September 24, 2013, 11:24:12 PM

Quote from: vogelsang on September 24, 2013, 11:17:11 PMthat means that for function is important low half of e.g. RCX not the whole reg?

(theoretically) yes. However, as said, there is not difference because 32 bit results (of an operation) are zero extended to 64 bit in registers.
~~Therefore MOV rax,imm32 is equal to mov eax,imm32.~~

vogelsang · September 24, 2013, 11:30:29 PM

thanks qWord for explaining it. I'm new to x64. Good to know.

qWord · September 24, 2013, 11:39:09 PM

sorry, a small mistake in the last post: MOV rax,imm32 is signed extended and not zero extended. However, for XOR and most other instruction it applies.

The MASM Forum

News:

x64 Input question

vogelsang

qWord

vogelsang

qWord

vogelsang

qWord