format ELF
; FASM source, Intel syntax, 32-bit flat model (KolibriOS/MenuetOS user space).
; Start-up object for C programs: exports _start, which builds argc/argv
; from the command line supplied by the kernel and then calls main.

section '.text' executable

public start
public start as '_start'        ; entry symbol the C tool chain links against
;extrn mf_init
extrn main                      ; int main(int argc, char **argv), cdecl

;include 'debug2.inc'            ; supplies the DEBUGF macro; only needed when __DEBUG__ = 1
__DEBUG__=0                     ; set to 1 to enable the argv dump in 'start' (requires debug2.inc)

;start_:

; Layout of the MENUET01 application header. 'virtual at 0' only defines
; symbol offsets, nothing is emitted here; 'start' reads field 7 through
; [hparams], i.e. the dword at absolute address 28.
; NOTE(review): the real header is not in this file - presumably supplied by
; the linker script or another object; confirm its fields 7/8 point at the
; 'params'/'path' buffers declared in .bss below.
virtual at 0
db 'MENUET01'           ; 1. Magic number (8 bytes)
dd 0x01                 ; 2. Version of executable file
dd start                ; 3. Start address
dd 0x0                  ; 4. Size of image
dd 0x100000             ; 5. Size of needed memory
dd 0x100000             ; 6. Pointer to stack
hparams dd 0x0          ; 7. Pointer to program arguments (offset 28)
hpath dd 0x0            ; 8. Pointer to program path (offset 32)
end virtual
start:
;-----------------------------------------------------------------------
; Program entry point (exported as '_start'). Does not return.
; Builds argc/argv from the command line the kernel placed in 'params',
; calls  main(argc, argv)  and terminates the process.
;
; Register roles in the parser loop below:
;   esi = cursor into 'params' (lodsb)
;   al  = character just read
;   dl  = 1 while inside a parameter, 0 between parameters
;   dh  = 1 if the current parameter is quoted ("..."), 0 if unquoted
;   cl  = constant 1, ch = constant 0 (copied into dl/dh; ch is also the
;         NUL byte written by .clear)
;   ebx = scratch, clobbered here and in push_param
; Stack: the two arguments pushed for main are never popped; the process
; exits right after main returns.
;-----------------------------------------------------------------------
        ;DEBUGF 'Start programm\n'

        ; init heap of memory: system function 68, subfunction 11
        mov     eax, 68
        mov     ebx, 11
        int     0x40

        ;DEBUGF ' path "%s"\n params "%s"\n', .path, .params

        ; check for overflow: both buffers live in .bss (zero-filled), so a
        ; non-zero last byte means the kernel wrote up to the end of the
        ; buffer and the string may have no NUL terminator. The parser below
        ; relies on that terminator, so abort instead of running past it.
        mov     al, [path+buf_len-1]
        or      al, [params+buf_len-1]
        jnz     .crash

        ; check if path written by OS: argv[0] becomes 'path' when header
        ; field 7 is non-zero, otherwise a NULL pointer is pushed as argv[0].
        ; NOTE(review): the field tested is hparams (arguments pointer), not
        ; hpath - confirm this is the intended signal for "path was written".
        mov     eax, [hparams]
        test    eax, eax
        jz      .without_path
        mov     eax, path
.without_path:
        mov     esi, eax
        call    push_param

        ; retrieving parameters: split 'params' in place on spaces, treating
        ; "..." as one parameter; each piece becomes an argv entry.
        mov     esi, params
        xor     edx, edx                ; dl = inside a parameter (1) / between (0)
                                        ; dh = quoted (1) / unquoted (0)
        mov     ecx, 1                  ; cl = 1
                                        ; ch = 0 (also the NUL stored by .clear)
.parse:
        lodsb
        test    al, al
        jz      .run                    ; end of the command line
        test    dl, dl
        jnz     .findendparam           ; already inside a parameter: look for its end
        ; between parameters: look for the start of the next one
        cmp     al, ' '
        jz      .parse                  ; skip separating spaces
        mov     dl, cl                  ; a parameter starts here
        cmp     al, '"'
        jz      @f                      ; quoted parameter
        mov     dh, ch                  ; unquoted parameter
        dec     esi                     ; point back at its first character
        call    push_param
        inc     esi
        jmp     .parse

@@:
        mov     dh, cl                  ; quoted parameter
        call    push_param              ; esi already points just past the opening quote
        jmp     .parse

.findendparam:
        test    dh, dh
        jz      @f                      ; unquoted: ends at the next space
        cmp     al, '"'                 ; quoted: ends at the closing quote
        jz      .clear
        jmp     .parse
@@:
        cmp     al, ' '
        jnz     .parse

.clear:
        ; terminate the parameter in place: overwrite the delimiter just
        ; consumed by lodsb (space or closing quote) with NUL
        lea     ebx, [esi - 1]
        mov     [ebx], ch
        mov     dl, ch                  ; back to "between parameters"
        jmp     .parse

.run:
        ;DEBUGF 'call main(%x, %x) with params:\n', [argc], argv
if __DEBUG__ = 1
        ; dump argv[argc-1] down to argv[0]; DEBUGF comes from 'debug2.inc',
        ; whose include line is currently commented out at the top of the file
        mov     ecx, [argc]
@@:
        lea     esi, [ecx * 4 + argv-4]
        DEBUGF  '0x%x) "%s"\n', cx, [esi]
        loop    @b
end if
        ; cdecl call main(argc, argv); its return value is not used
        push    argv
        push    [argc]
        call    main
.exit:
        ;DEBUGF 'Exit from prog\n';
        xor     eax, eax
        dec     eax                     ; eax = -1: terminate the process
        int     0x40
        dd      -1                      ; not reached: the call above does not return
.crash:
        ;DEBUGF 'E:buffer overflowed\n'
        jmp     .exit                   ; overflow exits silently while the DEBUGF above is disabled
;============================
push_param:
;============================
; push_param - append one argument pointer to argv
; In:    esi = pointer to a NUL-terminated argument string
; Out:   argv[argc] = esi and argc incremented, unless argc is already
;        max_parameters, in which case the pointer is dropped. argv has
;        exactly max_parameters slots, so the bound keeps the store in range.
; Clobb: ebx, flags
;============================
        mov     ebx, [argc]
        cmp     ebx, max_parameters     ; unsigned compare: argc is a count
        jb      .store
        ret                             ; table full: ignore this argument
.store:
        mov     [argv + ebx*4], esi     ; argv[argc] = esi
        inc     dword [argc]
        ret
;==============================
; Symbols exported to C code: __argc, __argv, __path.
; NOTE(review): '__argv' is bound to the raw 'params' buffer, not to the
; 'argv' pointer table filled by push_param; C code expecting char **argv
; under that name should be checked against this binding.
public argc as '__argc'
public params as '__argv'
public path as '__path'

section '.bss'
buf_len = 0x400                 ; size of the 'path' and 'params' buffers
max_parameters=0x20             ; capacity of the argv table; push_param stops at this count
argc rd 1                       ; number of entries filled in argv
argv rd max_parameters          ; argv pointer table: argv[0] = path (or NULL), the rest point into params
path rb buf_len                 ; program path buffer; last byte is checked by start as an overflow guard
params rb buf_len               ; command-line buffer, split in place by start; same overflow guard

;section '.data'
;include_debug_strings ; ALWAYS present in data section
|