freebsd asm
ari edelkind
edelkind-freebsd-hackers at episec.com
Mon Jun 14 16:41:09 GMT 2004
jncastellano at noconname.org said this stuff:
[...]
> [demon]~$ cat hello.asm
> %include 'system.inc'
> section .data
> hola db 'Hola', 0Ah
> hbytes equ $-hola
> section .text
> global _start
> _start:
> push dword hbytes
> push dword hola
> push dword stdout
> sys.write
> push dword 0
> sys.exit
>
> [demon]~$ nasm -f elf hello.asm
> hello.asm:1: fatal: unable to open include file `system.inc'
>
> ?Where is that file?... the -current port of nasm is incomplete ?
system.inc is not a part of nasm.
> Ok... we take some modifications...
>
> << %include 'system.inc'
> << push dword stdout, and we replace it with push dword 1
nasm also has no knowledge of sys.<func>-style directives, so they are
ignored. The directives in question would be defined in the system.inc
file that you don't have, so your program may as well be:
section .data
hola db 'Hola', 0Ah
hbytes equ $-hola
section .text
global _start
_start:
push dword hbytes ; arguments for write(), pushed right to left
push dword hola
push dword 1
push dword 0 ; argument for exit()
; no syscall is ever made: execution falls off the end of _start
... which never exits: execution runs off the end of _start into memory
that isn't program code, and it crashes.
FreeBSD system calls are generally accessed using interrupt vector 0x80.
The kernel function that handles this interrupt expects the number of the
system call in eax, and it expects to have been entered from inside a
function the program called, i.e. with a return address on top of the
stack. Thus, for write() it's looking for the following stack structure:
[RRRR][DDDD][SSSS][NNNN]
RRRR: return address, inserted by 'call' instruction
DDDD: descriptor vector
SSSS: string address
NNNN: number of bytes to write.
To get this, you can try something like the following:
section .data
hola db 'Hola', 0Ah
hbytes equ $-hola
section .text
global _start
_start:
push dword hbytes ; write(1, hola, hbytes): arguments pushed right to left
push dword hola
push dword 1
mov eax, 4 ; SYS_write
call doint ; 'call' supplies the return address the kernel expects
push dword 0 ; exit(0)
mov eax, 1 ; SYS_exit
call doint ; never returns
doint:
int 0x80
ret
You can find the necessary system call numbers in
/usr/include/sys/syscall.h .
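As an added example (not the original poster's file and not the FreeBSD handbook's system.inc), here is a complete hello.asm that defines the missing pieces inline: the `kernel` entry routine that provides the return address, `system`/`sys.write`/`sys.exit` macros as a hypothetical stand-in for what system.inc would supply, and a check of the carry flag, which FreeBSD sets on a failed system call with errno left in eax. It builds on FreeBSD/i386 with `nasm -f elf hello.asm && ld -o hello hello.o`.

```nasm
; hello.asm -- added example; the macros below are assumed stand-ins for
; system.inc, not its actual contents.

%define stdout     1
%define SYS_exit   1      ; numbers from /usr/include/sys/syscall.h
%define SYS_write  4

section .text

; The int 0x80 handler expects a return address on top of the stack, as
; left by 'call', with the arguments above it. So int 0x80 is never
; executed inline; it lives in a one-instruction function instead.
align 4
kernel:
    int 0x80
    ret

; system N: load the syscall number into eax and enter the kernel.
%macro system 1
    mov eax, %1
    call kernel
%endmacro

%macro sys.write 0
    system SYS_write
%endmacro

%macro sys.exit 0
    system SYS_exit
%endmacro

section .data
hola    db 'Hola', 0Ah
hbytes  equ $-hola

section .text
global _start
_start:
    ; write(stdout, hola, hbytes): arguments pushed right to left
    push dword hbytes
    push dword hola
    push dword stdout
    sys.write
    jc   .fail           ; CF set => error, errno in eax (checked before
                         ; 'add', which would clobber the flag)
    add  esp, 12         ; caller removes the three arguments

    push dword 0         ; exit(0)
    sys.exit

.fail:
    push eax             ; exit(errno) so the shell can see the failure
    sys.exit
```

Stack cleanup after sys.write is not strictly needed before sys.exit, since exit reads only the dword above its return address, but it keeps the stack consistent if more calls are added later.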
ari