Thread: Asm code hook/ modification problem

I have never used Asm before, so I've had a little bit of trouble trying to write a Hook in Asm for a process. I've also had trouble with the function FlushInstructionCache. Here is my problematic code snippet ( the real project is 1,000+ lines, but the rest of the code executes with no problems ).

( The code I posted below begins at line 627 )

Code:

                    Newmem = VirtualAllocEx( RobloxHandle, NULL, 32, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE );


                    if ( Newmem == NULL )
                    {
                        return;
                    } else
                    {
                        __asm
                        {
                            Newmem
                            movss xmm3,[edx]
                            addss xmm3,xmm3
                            addss xmm3,xmm3
                            ret


                            "MyProcess.exe"+0x3BC6AE
                            call Newmem
                            ret
                        };


                        if ( FlushInstructionCache( ProcessHandle, NULL, NULL) == 0 )
                        {
                            return;
                        }
                    }

Here was what I wanted the above code to do :
Overall goal : Create a hook in MyProcess.exe and let the application be able to call the memory I allocated for execution.
Step 1 : Allocate code in memory
Step 2 : Return to main if the Allocation failed ( and exit )
Step 3 : If the allocation did not fail, do the following :
- Put the code in the asm bracket after Newmem at Newmem's address
- Overwrite the code at the offset of "MyProcess.exe"+0x3BC6AE with a call to the allocated memory's address and return back.
- Use FlushInstructionCache() to insure the above code was added and executed properly, and return to main if the function fails ( and exit )
Appendage : Newmem is declared as a void *

Of course, this code executes with 2 warnings and errors which are listed below :

Code:

|In function 'input_loop':|
|635|error: expected '(' before '{' token|
|637|warning: statement with no effect|
|637|error: expected ';' before 'movss'|
|647|warning: passing argument 3 of 'FlushInstructionCache' makes integer from pointer without a cast|
include\winbase.h|1382|note: expected 'DWORD' but argument is of type 'void *'|
||=== Build finished: 2 errors, 2 warnings ===|

Please help me get the code written properly.

Assembly ("Asm") is not one language. It is a general term for a language that is 1:1 (or nearly 1:1) with the actual instruction set of the processor you are programming for. It uses mnemonics for instructions and registers to help people read/write it. As such, assembly has little to do with the C language, except that typically, when you compile C, it gets turned into assembly before being turned into machine code. Furthermore, the C language itself does not provide support for inline assembly. That ability is an extension provided by the compiler. Also, the C language is processor independent, i.e. it can work on Intel, Motorola, ARM, etc processors, which all have different assembly languages, so long as there is a compiler that can translate C into that assembly/machine language.

In light of all these facts, it's near impossible for us to say with certainty what your problems are. It would help if we knew:
1. processor - which assembly language should you be using
2. OS - what system calls, etc might you need
3. compiler - so we can help you figure out the exact syntax for inline assembly in that compiler

1) AMD Athlon(tm) II X2 250 Processor 3.00 GHz
2) Windows 7 - 64 bit
3) Code::Blocks - Full version

Originally Posted by BatchProgrammer

3) Code::Blocks - Full version

Code::Blocks is an IDE. What compiler are you using with it? MinGW or something else?

MinGW

I don't see how you'll be able to assemble the asm code at a dynamic memory location. Think about it: in order for the program to execute (and therefore be able to retrieve the dynamic address) the program must be compiled, which includes the asm part. But you don't have the address yet!

Instead, you'll have to determine the actual machine code for the asm and write that data into newmem.

And the assembly syntax for gcc (assuming that's what you're using) is more like this:

Code:

__asm__ (
    "movss %xmm3,(%edx)\n\t"
    "addss %xmm3,%xmm3\n\t"
    "addss %xmm3,%xmm3\n\t"
    "ret"
);

GCC-Inline-Assembly-HOWTO

^ What? I stored the address in the Newmem pointer though. Not exactly sure what you're trying to tell me.

Originally Posted by BatchProgrammer

^ What? I stored the address in the Newmem pointer though. Not exactly sure what you're trying to tell me.

Inline assembly code assembles at compile time, but at compile time you won't have the dynamic address. You need to poke the actual machine code bytes into the new memory at runtime if you want to create your asm program dynamically.

For instance, your code assembles to:

Code:

f3 0f 11 1a          	movss  %xmm3,(%edx)
f3 0f 58 db          	addss  %xmm3,%xmm3
f3 0f 58 db          	addss  %xmm3,%xmm3
c3                   	ret

So you need to poke those bytes (0xf3, 0x0f, etc.) into your new memory.

Depending on what you're trying to do, I forsee other troubles. For example, are you sure edx will contain a proper address?