### Author Topic: RtlCopyMemory  (Read 14606 times)

#### ragdog

• Member
• Posts: 610
##### Re: RtlCopyMemory
« Reply #15 on: July 05, 2014, 02:17:10 AM »
Quote
And Intel & AMD will ban rep movsb :lol:

but you can read it by http://msdn.microsoft.com/en-us/library/bb288454.aspx

#### dedndave

• Member
• Posts: 8825
• Still using Abacus 2.0
##### Re: RtlCopyMemory
« Reply #16 on: July 05, 2014, 03:09:13 AM »
sounds to me like that breaks a lot of existing software   :(

#### jj2007

• Member
• Posts: 10112
• Assembler is fun ;-)
##### Re: RtlCopyMemory
« Reply #17 on: July 05, 2014, 03:22:48 AM »
Quote
but you can read it by http://msdn.microsoft.com/en-us/library/bb288454.aspx

Quote
When the C runtime library (CRT) was first created over three decades ago, the threats to computers were different; computers were not as interconnected as they are today, and attacks were not as prevalent.

The documentation is incorrect; it should read as follows:
Quote
When the C runtime library (CRT) was first created over three decades ago, C++ was not yet around, and C coders still knew what they were doing

#### Zen

• Member
• Posts: 962
• slightly red-shifted
##### Re: RtlCopyMemory
« Reply #18 on: July 06, 2014, 03:17:04 AM »

« Last Edit: July 20, 2014, 03:22:25 AM by Zen »
Zen

#### Zen

• Member
• Posts: 962
• slightly red-shifted
##### Re: RtlCopyMemory
« Reply #19 on: July 06, 2014, 06:52:49 AM »

« Last Edit: July 20, 2014, 03:22:10 AM by Zen »
Zen

#### MichaelW

• Global Moderator
• Member
• Posts: 1209
##### Re: RtlCopyMemory
« Reply #20 on: July 06, 2014, 08:49:41 AM »
I had trouble understanding the portion of your code that you posted, so I rolled my own (it's ridiculous, but it did entertain me for a while).
Code:
```asm
;=======================================================================================================
include \masm32\include\masm32rt.inc
;=======================================================================================================
.data
.code
;=======================================================================================================
HEXDUMP MACRO address, paragraphs, zerobase
    invoke HexAsciiDump, address, paragraphs, zerobase
ENDM
;-----------------------------------------------------------------------
; This longer name avoids a conflict with the MASM32 HexDump procedure.
;-----------------------------------------------------------------------
HexAsciiDump proc startAddress:DWORD, nParagraphs:DWORD, fZeroBase:DWORD
    push ebx
    push edi
    push esi
    mov esi, startAddress
    xor ebx, ebx
    .WHILE ebx < nParagraphs
        mov eax, esi
        mov ecx, ebx
        shl ecx, 4
        .IF fZeroBase
            printf( "%08X  ", ecx )
        .ELSE
            add eax, ecx
            printf( "%08X  ", eax )
        .ENDIF
        xor edi, edi
        .WHILE edi < 16
            mov ecx, ebx
            shl ecx, 4
            add ecx, edi
            movzx eax, BYTE PTR [esi+ecx]
            printf( "%02X ", eax )
            .IF edi == 7
                printf( "- " )
            .ENDIF
            inc edi
        .ENDW
        printf( "  " )
        xor edi, edi
        .WHILE edi < 16
            mov ecx, ebx
            shl ecx, 4
            add ecx, edi
            movzx eax, BYTE PTR [esi+ecx]
            .IF eax > 31 && eax < 127
                printf( "%c", eax )
            .ELSE
                printf( "." )
            .ENDIF
            inc edi
        .ENDW
        printf( "\n" )
        inc ebx
    .ENDW
    pop esi
    pop edi
    pop ebx
    ret
HexAsciiDump endp
;=======================================================================================================
start:
;=======================================================================================================
    printf("%d\n", SIZEOF TOKEN_PRIVILEGES)
    printf("%d\n", SIZEOF LUID_AND_ATTRIBUTES)
    printf("%d\n", SE_PRIVILEGE_ENABLED)
    mov esi, halloc(SIZEOF TOKEN_PRIVILEGES + SIZEOF LUID_AND_ATTRIBUTES * 3)
    mov [esi].TOKEN_PRIVILEGES.PrivilegeCount, 4
    printf("%d\n\n", [esi].TOKEN_PRIVILEGES.PrivilegeCount)
    ; MOV DWORD PTR DS:[ESI+4],1
    mov [esi].TOKEN_PRIVILEGES.Privileges[0].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 1
    mov [esi].TOKEN_PRIVILEGES.Privileges[0].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 2
    mov [esi].TOKEN_PRIVILEGES.Privileges[0].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[12].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 3
    mov [esi].TOKEN_PRIVILEGES.Privileges[12].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 4
    mov [esi].TOKEN_PRIVILEGES.Privileges[12].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[24].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 5
    mov [esi].TOKEN_PRIVILEGES.Privileges[24].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 6
    mov [esi].TOKEN_PRIVILEGES.Privileges[24].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[36].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 7
    mov [esi].TOKEN_PRIVILEGES.Privileges[36].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 8
    mov [esi].TOKEN_PRIVILEGES.Privileges[36].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov ebx, esi
    add ebx, 4
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    printf("\n")
    hfree esi

    mov esi, halloc(SIZEOF TOKEN_PRIVILEGES + SIZEOF LUID_AND_ATTRIBUTES * 3)
    mov [esi].TOKEN_PRIVILEGES.PrivilegeCount, 4
    printf("%d\n\n", [esi].TOKEN_PRIVILEGES.PrivilegeCount)
    xor edi, edi
    ; MOV DWORD PTR DS:[EDI+ESI+4],1
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 1
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 2
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+12].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 3
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+12].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 4
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+12].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+24].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 5
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+24].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 6
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+24].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+36].LUID_AND_ATTRIBUTES.Luid.LUID.LowPart, 7
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+36].LUID_AND_ATTRIBUTES.Luid.LUID.HighPart, 8
    mov [esi].TOKEN_PRIVILEGES.Privileges[edi+36].LUID_AND_ATTRIBUTES.Attributes, SE_PRIVILEGE_ENABLED
    mov ebx, esi
    add ebx, 4
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    add ebx, 12
    HEXDUMP ebx, 1, 1
    printf("\n\n")
    hfree esi
    inkey
    exit
;=======================================================================================================
end start
```
Code:
```text
16
12
2
4

00000000  01 00 00 00 02 00 00 00 - 02 00 00 00 03 00 00 00   ................
00000000  03 00 00 00 04 00 00 00 - 02 00 00 00 05 00 00 00   ................
00000000  05 00 00 00 06 00 00 00 - 02 00 00 00 07 00 00 00   ................
00000000  07 00 00 00 08 00 00 00 - 02 00 00 00 00 00 00 00   ................

4

00000000  01 00 00 00 02 00 00 00 - 02 00 00 00 03 00 00 00   ................
00000000  03 00 00 00 04 00 00 00 - 02 00 00 00 05 00 00 00   ................
00000000  05 00 00 00 06 00 00 00 - 02 00 00 00 07 00 00 00   ................
00000000  07 00 00 00 08 00 00 00 - 02 00 00 00 00 00 00 00   ................
```
Well Microsoft, here’s another nice mess you’ve gotten us into.

#### Tedd

• Member
• Posts: 377
• Procrastinor Extraordinaire
##### Re: RtlCopyMemory
« Reply #21 on: July 07, 2014, 10:05:29 PM »
RtlCopyMemory/memcpy copies memory from A to B, under the assumption they do not overlap.
RtlMoveMemory/memmove copies memory from A to B, under the assumption they do overlap.

The latter will still work if they are not overlapping, but takes extra unnecessary steps in that case.
Quote
If you look at the source code (.\crt\string\I386\MEMCPY.ASM) you will see it's the same code. So both of them check for overlap.
That's an implementation detail. It just happens that in the Microsoft C runtime, they chose to implement them both using the same function that checks for overlap and then jumps to the appropriate method (copy forwards or backwards), but it doesn't have to be implemented that way. Another version could very well implement them separately, without any direct checking for overlap.
Potato2
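The copy/move distinction Tedd describes above, as an added C example (not Tedd's code and not the Microsoft CRT's MEMCPY.ASM): `copy_forward` is a constructed stand-in for a copy that assumes the ranges do not overlap, `copy_safe` is a constructed overlap-tolerant copy that compares the addresses and picks the direction the way the post describes for memmove/RtlMoveMemory, and the sample buffer `"ABCDEFGH"` is constructed to make the overlap visible. The takeaway for code review is that a forward copy into an overlapping destination silently corrupts the data rather than failing, so when two ranges might share bytes the move variant is the only correct choice.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a copy that relies on "A and B do not overlap"
 * (the assumption the post ascribes to memcpy/RtlCopyMemory). It checks
 * nothing and always copies low address to high. */
static void *copy_forward(void *dst, const void *src, size_t n)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    for (size_t i = 0; i < n; i++)
        d[i] = s[i];
    return dst;
}

/* Constructed overlap-tolerant copy in the style the post describes for
 * memmove/RtlMoveMemory: compare the addresses, then copy forwards or
 * backwards so no source byte is overwritten before it has been read. */
static void *copy_safe(void *dst, const void *src, size_t n)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    uintptr_t da = (uintptr_t)d, sa = (uintptr_t)s; /* integer compare, no pointer-order UB */

    if (n == 0 || da == sa)
        return dst;
    if (da < sa || da >= sa + n) {
        /* dst is below src, or entirely past the source block: forward is safe */
        for (size_t i = 0; i < n; i++)
            d[i] = s[i];
    } else {
        /* dst starts inside [src, src+n): copy from the end backwards */
        for (size_t i = n; i-- > 0; )
            d[i] = s[i];
    }
    return dst;
}

/* Constructed sample: shift the first 6 bytes of "ABCDEFGH" two places to
 * the right within the same buffer, so dst overlaps the tail of src.
 * The correct result is "ABABCDEF". out must hold 9 bytes. */
static void shift_right_in_place(void *(*copier)(void *, const void *, size_t), char out[9])
{
    memcpy(out, "ABCDEFGH", 9);
    copier(out + 2, out, 6);
}

/* 1 if the forward copy corrupted the data (it yields "ABABABAB"). */
static int forward_copy_corrupts(void)
{
    char out[9];
    shift_right_in_place(copy_forward, out);
    return strcmp(out, "ABABCDEF") != 0;
}

/* 1 if copy_safe produces the right answer and agrees with the C library's memmove. */
static int safe_matches_memmove(void)
{
    char a[9], b[9];
    shift_right_in_place(copy_safe, a);
    memcpy(b, "ABCDEFGH", 9);
    memmove(b + 2, b, 6);
    return strcmp(a, "ABABCDEF") == 0 && memcmp(a, b, 9) == 0;
}

/* 1 if copy_safe also handles the other overlap (dst below src), where
 * the forward direction is the correct one. Expected "CDEFGHGH". */
static int safe_handles_left_shift(void)
{
    char a[9];
    memcpy(a, "ABCDEFGH", 9);
    copy_safe(a, a + 2, 6);
    return strcmp(a, "CDEFGHGH") == 0;
}

int main(void)
{
    char out[9];
    shift_right_in_place(copy_forward, out);
    printf("forward copy : %s\n", out);
    shift_right_in_place(copy_safe, out);
    printf("overlap-safe : %s\n", out);
    return 0;
}
```

Whether a given CRT happens to route memcpy through the same overlap check as memmove (as the quoted MEMCPY.ASM observation says the Microsoft one does) is exactly the implementation detail Tedd points at: a program that depends on it will behave like `copy_forward` above on any runtime that does not.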

#### Zen

• Member
• Posts: 962
• slightly red-shifted
##### Re: RtlCopyMemory
« Reply #22 on: July 08, 2014, 09:24:24 AM »

« Last Edit: July 20, 2014, 03:21:49 AM by Zen »
Zen