Andreik

Retrieve data from ST0


Hi guys,

I wrote a factorial function in assembly and I called it from AutoIt as in the example below:

#AutoIt3Wrapper_UseX64=n
#include <Memory.au3>

$iNumber = 7
MsgBox(0,"",Factorial($iNumber))

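Func Factorial($Number)
    ; 32-bit machine code assembled from the listing below
    $bOPCode = "0x5589E58B450883F8007C1A83F8017E0E89C149F7E183F90177F85DC20400B801000000EBF583C8FFEBF0"
    $iSize = BinaryLen($bOPCode)
    ; Allocate an executable buffer and copy the machine code into it
    $pBuffer = _MemVirtualAlloc(0,$iSize,$MEM_COMMIT,$PAGE_EXECUTE_READWRITE)
    $tBuffer = DllStructCreate("byte[" & $iSize & "]",$pBuffer)
    DllStructSetData($tBuffer,1,$bOPCode)
    ; Pass the function's own argument (not the global); the int result comes back in EAX
    $aRet = DllCallAddress("int",$pBuffer,"int",$Number)
    ; VirtualFree requires a size of 0 when releasing with MEM_RELEASE
    _MemVirtualFree($pBuffer,0,$MEM_RELEASE)
    If IsArray($aRet) Then
        Return $aRet[0]
    Else
        Return "ERROR"
    EndIf
EndFunc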

The assembly code I got the opcode from is this one:

use32
    push ebp
    mov ebp, esp
    mov eax, [ebp + 08]

    cmp eax,0
    jl Error

    cmp eax,1
    jle Set1

    mov ecx,eax
    Again:
    dec ecx
    mul ecx
    cmp ecx,1
    ja Again

    Result:
    pop ebp
    ret 4

    Set1:
    mov eax,1
    jmp Result

    Error:
    or eax,0FFFFFFFFh
    jmp Result

All this works well, but I have the limitation of the int data type, so one guy suggested that I work with some x87 instructions to extend this limitation. He provided me with some code:

factnr:
        fld1
        fild dword[esp+4]      ;arg1
redof:
        fld1
        fcomip st,st1
        jae exit1     
        fld st                
        fld1
        fsubp
        fxch
        fmulp st2,st
        jmp redof
exit1:  
        fstp st
        ; result on st0
        ret 4

but I don't know how to get the result from ST0. Any idea?


When the words fail... music speaks

This is kind of confusing.

What do you mean?

You have the result where it should be.

Your code returns float. That's all.

DllCallAddress("float", ...

What is it that's confusing to you?


♡♡♡

.

eMyvnE


Just out of curiosity, what opcode did you get? I still get a program crash. I got this opcode with OllyDbg:

"0xD9E867DB442404D9E8DFF1730CD9C0D9E8DEE9D9C9DECAEBEEDDD8C20400"

When the words fail... music speaks


Got?

I didn't get any code. I run code like that in my head. :D


♡♡♡

.

eMyvnE


Ahhh your mind seems to be a processor :D

I tried with double, with float, but the program still crashes.

EDIT:

Got it. I don't know why I got 1 byte more with OllyDbg; I got the opcode with the FASM library and it seems to work well.

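#AutoIt3Wrapper_UseX64=n ; the machine code is 32-bit, as in the first script
#include <Memory.au3>

$iNumber = 7
MsgBox(0,"",Factorial($iNumber))

Func Factorial($Number)
    ; 32-bit x87 machine code obtained with the FASM library
    $bOPCode = "0xD9E8DB442404D9E8DFF1730CD9C0D9E8DEE9D9C9DECAEBEEDDD8C20400"
    $iSize = BinaryLen($bOPCode)
    ; Allocate an executable buffer and copy the machine code into it
    $pBuffer = _MemVirtualAlloc(0,$iSize,$MEM_COMMIT,$PAGE_EXECUTE_READWRITE)
    $tBuffer = DllStructCreate("byte[" & $iSize & "]",$pBuffer)
    DllStructSetData($tBuffer,1,$bOPCode)
    ; The routine leaves its result in ST0, so declare a floating-point return type
    ; and pass the function's own argument (not the global)
    $aRet = DllCallAddress("double",$pBuffer,"int",$Number)
    ; VirtualFree requires a size of 0 when releasing with MEM_RELEASE
    _MemVirtualFree($pBuffer,0,$MEM_RELEASE)
    If IsArray($aRet) Then
        Return $aRet[0]
    Else
        Return "ERROR"
    EndIf
EndFunc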

Thank you trancexx, you helped me a lot!

Edited by Andreik

When the words fail... music speaks
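
An added example, not part of the original posts: it compares the two opcode strings from this thread and applies the standard IA-32 ModRM decoding rules to the `fild` at offset 2. The extra byte is 0x67, the address-size override prefix; under 16-bit addressing there is no SIB byte, so the trailing 0x04 is left over and the instruction stream falls out of step. Function names are assumptions made for illustration.

```python
# Added example: how a 32-bit CPU decodes the two opcode strings from the thread.
OLLY = bytes.fromhex("D9E867DB442404D9E8DFF1730CD9C0D9E8DEE9D9C9DECAEBEEDDD8C20400")
FASM = bytes.fromhex("D9E8DB442404D9E8DFF1730CD9C0D9E8DEE9D9C9DECAEBEEDDD8C20400")


def find_inserted_byte(longer, shorter):
    """Return (offset, value) of the single extra byte in `longer`, else None."""
    if len(longer) != len(shorter) + 1:
        return None
    i = 0
    while i < len(shorter) and longer[i] == shorter[i]:
        i += 1
    return (i, longer[i]) if longer[i + 1:] == shorter[i:] else None


def mem_operand_len(code, pos, addr16):
    """Bytes used by ModRM (+SIB) (+displacement) starting at code[pos]."""
    mod, rm = code[pos] >> 6, code[pos] & 7
    if mod == 3:                      # register operand, no memory bytes
        return 1
    if addr16:                        # 16-bit addressing: never a SIB byte
        return 1 + {0: 2 if rm == 6 else 0, 1: 1, 2: 2}[mod]
    n = 1
    if rm == 4:                       # 32-bit addressing: SIB byte follows
        n += 1
        if mod == 0 and code[pos + 1] & 7 == 5:
            n += 4                    # SIB without base register: disp32
    elif mod == 0 and rm == 5:
        n += 4                        # absolute disp32
    return n + {0: 0, 1: 1, 2: 4}[mod]


def decode_fild(code, pos):
    """Decode the DB /0 (fild m32) at `pos`; return (addr16, end_offset)."""
    addr16 = code[pos] == 0x67        # address-size override prefix
    if addr16:
        pos += 1
    if code[pos] != 0xDB or (code[pos + 1] >> 3) & 7 != 0:
        raise ValueError("not a fild m32 encoding")
    return addr16, pos + 1 + mem_operand_len(code, pos + 1, addr16)


if __name__ == "__main__":
    print("extra byte:", find_inserted_byte(OLLY, FASM))
    for name, code in (("FASM", FASM), ("OllyDbg", OLLY)):
        addr16, end = decode_fild(code, 2)
        print(name, "16-bit addressing" if addr16 else "32-bit addressing",
              "next bytes:", code[end:end + 2].hex())
```

In the FASM bytes the instruction after `fild` starts with `D9 E8` (`fld1`), as in the source listing; in the OllyDbg bytes it starts with `04 D9`, which is no longer the intended code.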


your death to get it running again if there is no


scan88,

Welcome to the AutoIt forum. :)

Could you expand on that last post a bit - I am not at all sure what point you are making. ;)

M23

