Solved

MASM equivilent to _emit

Posted on 2011-03-23
8
741 Views
Last Modified: 2012-05-11
I have a C++ function that contains one huge _asm block (over 1000 lines).  I'm trying to convert this C++ function to true assymbly so that I can compile it with the 64-bit MASM.

I'm running into some _emit commands and the MASM assymbler doesn't know what that is.  
LONG ExampeC_Function( LONG bitwidth )
{
    if( bitwidth > 10000 )
        return -1;
__asm
{
    mov    eax,bitwith
    and    eax,7
    ...
    add     esi,eax
    and     ecx,07H
    mov     ebx,[esi]
    _emit 0x0F
    _emit 0xCB
    mov      eax,ebx
    ...
    mov      lReturn,eax
}
    return lReturn;
}

Open in new window

0
Comment
Question by:HooKooDooKu
  • 4
  • 4
8 Comments
 
LVL 11

Accepted Solution

by:
Akenathon earned 500 total points
ID: 35202993
Try DB instead of _emit, see here
0
 
LVL 16

Author Comment

by:HooKooDooKu
ID: 35203050
Two questions:

1. Will DB place the BYTE into the source code like _emit is supposed to?  (I'll admit, I'm not sure what _emit is exactly supposed to do, or why the programmer that wrote the code is using _emit).

2. I would like to leave the asm code as untouched as possible.  Is there a way I can define a MACRO that will automatically convert the _emit 0x0F into DB 0x0F?  I tried the following, but it failed:

_emit MACRO insert_byte
  DB insert_byte
ENDM
0
 
LVL 16

Author Comment

by:HooKooDooKu
ID: 35203094
I tried to replace "_emit 0x0F" with "DB 0x0F" in the middle of source code, and I get the error "missing operator in expression".
0
 
LVL 11

Expert Comment

by:Akenathon
ID: 35207162
1. Yes... actually the docs for _emit say that it does just the same as DB... look here

2. Your syntax for the macro looks fine, though I don't know whether macro names can start by an underscore. Here are a couple of nice macro links:
http://www.arl.wustl.edu/~lockwood/class/cs306/books/artofasm/Chapter_8/CH08-7.html#HEADING7-288
http://www.cs.uregina.ca/Links/class-info/250/f06/lab8/

3. (!) Try giving a label name before DB. Instead of "db 8", say "somelabel db 8"

If you really really want to dig deeper into this... see here
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 16

Author Comment

by:HooKooDooKu
ID: 35212427
I've already discovered one problem... I've got C++ hex values rather than MASM hex values.  That now gets the code to at least compile.

I had already found the Microsoft documentation... and noticed the word "resembles" NOT "does the same as".

The deeper part didn't really seem to go much deeper (as it seemed to be more of a discussion of .code v .data).  However at least one poster stated "Generally, you can have a db anywhere you like; it merely "defines a byte" at that point in code." which SOUNDS like DB will do the same as _emit (i.e. place values in the middle of the code).

So if I understand this correctly, I could write hand-assymboled code in MASM where I enter all the op codes with either _emit or DB commands rather than use Assymbly numonics (i.e. rather then enter the command "inc cx", I could accomplish the same thing with "DB 041h".)
0
 
LVL 11

Expert Comment

by:Akenathon
ID: 35216394
Exactly. If you don't like mnemonics, you can use the opcodes. That would be taking a leap from an assembly programmer to a machine code programmer... as in the old times!

And yes, DB throws the bytes you want where you say. That's why they were ranting about placing arbitrary bytes on a code section -they could be interpreted as code and executed.

Now... why do you think the original programmer used it? My guess is that the original compiler did not recognize the assembler instruction he wanted, so he had to resort to using _emit to get the corresponding opcodes in the code. Your best move is to "migrate" those opcodes to the actual assembler mnemonics they represent, so if you find e.g. "_emit 0x41" you ought to replace it with "inc cx" :-)
0
 
LVL 16

Author Closing Comment

by:HooKooDooKu
ID: 35216984
Thanks for all the feedback.

I've been able to execute the code... and at least the end results are the same as the original code that used the c++ wrapper function around an _asm block.

I'm going to follow up to see what these opcodes are that the original programmer put in there.
0
 
LVL 11

Expert Comment

by:Akenathon
ID: 35235144
Found it, it's "BSWAP ebx", which is 100% consistent with the sandwiching commands:

    mov     ebx,[esi]
   bswap ebx
    mov      eax,ebx

It "Changes the byte order of a 32 bit register from big endian to little endian or vice versa", so if EBX has 0x01020304, it will turn it into 0x04030201 and vice versa :-)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Written by John Humphreys C++ Threading and the POSIX Library This article will cover the basic information that you need to know in order to make use of the POSIX threading library available for C and C++ on UNIX and most Linux systems.   [s…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now