News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

Embarrassingly Simple Problem

Started by Zen, August 01, 2014, 05:32:23 AM

Previous topic - Next topic

dedndave

i sometimes see this....
    INVOKE  Proc1,something   ;returns a result in EAX
    mov     edx,eax
    INVOKE  Proc2,edx,addr somethingelse


that's silly - well, you don't notice it until you disassemble it   :biggrin:

this would be a better solution
    INVOKE  Proc1,something
    lea     edx,somethingelse
    INVOKE  Proc2,eax,edx

Zen

DAVE !!!
Yeah,...good stuff, thanks. And, I didn't use the eax register with LEA,...
And,...LEA edx, [ecx],...with ecx being the address to the ACCESS_ALLOWED_ACE structure, works fine,...as does the LEA instruction with any of the structure members of the ACE_HEADER structure,...
Every ACE structure begins with an ACE_HEADER structure,...so this is where you begin. You access the AceType member of the ACE_HEADER structure,...so you can determine what format the rest of the data has,...this works correctly in my program (I have four Access Allowed ACEs, I have verified that the pointers are valid, and correspond with the size, in bytes of the ACE,...)
Something else is interfering with my project. I've had alot of simple code sequences fail for no apparent reason,...stuff that doesn't even make sense,...even, to my deranged mentality,...:dazzled:
My thinking is that I'm running a 32-bit app on Windows Seven, 64-bit version, and the computer uses an Intel 64-bit processor,...
...Also,...I'm using a public terminal at a public Library,...and, who the hell knows what kind of software they're running,...

What amazes me is that this FAILS:
        mov ecx, dwptrACE    ;    dwptrACE is a pointer to the ACE returned from GetAce.   
        ASSUME ecx: PTR ACCESS_ALLOWED_ACE       
        LEA edx, [ecx]   ;    This works, but is not the correct address of the SID.   
        ADD edx, 8    ;    8 bytes is the offset to the SidStart member of the ACCESS_ALLOWED_ACE structure.
        ASSUME ecx: NOTHING
        mov dwptrAceSID, edx    ;    dwptrAceSID is a pointer to the SID enclosed in an ACE.   
        invoke IsValidSid, dwptrAceSID


The above code block compiles but, the App hangs (for no apparent reason),... :dazzled:
...If I comment out the, ADD edx, 8 line,...it compiles and works perfectly,...except, of course, that edx is not the correct address of the SID,...And, yes,...it is an ACCESS ALLOWED ACE (there are 13 different types of ACEs, and each different variety uses a different structure to access its data),...
Have you EVER seen an ADD instruction FAIL ???

dedndave

you realize that
LEA edx, [ecx]

is the same as
mov edx,ecx

dedndave

IsValidSid requires a pointer to an SID structure - not an SID

you can combine these lines
        LEA edx, [ecx]   ;    This works, but is not the correct address of the SID.   
        ADD edx, 8    ;    8 bytes is the offset to the SidStart member of the ACCESS_ALLOWED_ACE structure.


lea edx,[ecx+8]

Zen

Yeah,...I know,...
In fact,...I used that EXACT line of code (lea edx,[ecx+8]), as my first attempt (it's in the very first post of this thread),...
This COULD be a DARK MATTER problem,...I haven't explored that one yet,...
And, thanks,...DAVE,...you guys have just confirmed what I already thought,...
At this point, I'm giving up, and proceeding to more exciting scenarios,...
THANKS AGAIN FOR YOUR HELP,...


Zen

DAVE !!!
You will LOVE this one:
There is actually a function named,...ConvertSecurityDescriptorToStringSecurityDescriptor,...
Here is a Raymond Chen blog entry: What Is the Default Security Descriptor?, Mar 2004
...I've already got this one invoked in my code (is this exciting, or what ???)
Here is what my Log File reports (about the DACL):
QuoteConvertSecurityDescriptorToStringSecurityDescriptor SUCCEEDED.
The size, in TCHARs, of the security descriptor string is: 97