Calling OpCode Strings

Started by Charles Pegge, June 22, 2007, 08:28:03 AM


Charles Pegge

This shows how to call strings of x86 machine code. It shows how the EAX register is used to return integer results and how to extract a parameter from the stack, replacing the return address. This assumes the SDECL calling protocol where the called function cleans the stack of any parameters before returning to the caller.

This approach can be used for dynamic assembly or compilation during run time.


' Calling Opcode strings
' Charles E V Pegge
' 22 June 2007

' FreeBasic  ver 0.16b

union opcodestring
s as byte ptr                                       ' raw bytes of the string
f as function stdcall () as long                    ' same address seen as a function returning eax
f1 as function stdcall ( byval as long ) as long    ' one parameter on the stack, removed by the callee (stdcall)
end union

dim as string st,st1
dim as opcodestring act,act1

' clear the eax register, increment it  and return

st=chr$(&h33)+chr$(&hc0)+chr$(&h40)+chr$(&hc3)  ' xor eax,eax inc eax ret

' extract the parameter from the stack into eax and return

st1=chr$(&h5a)+chr$(&h58)+chr$(&h52)+chr$(&hc3) ' pop edx pop eax push edx ret

act.s=cast(byte ptr, strptr(st)): act1.s=cast(byte ptr, strptr(st1))  ' point both unions at the string data

' Test the strings

print act.f()    ' answer 1

print act1.f1(42) ' answer 42


Charles Pegge


Not quite so simple in PowerBasic:


' Calling Opcode strings
' Charles E V Pegge
' 22 June 2007

' PowerBasic  ver 8.x

#COMPILE EXE
#DIM ALL


UNION opcodestring
s AS BYTE PTR
f  AS LONG PTR
f1 AS LONG PTR
END UNION

DECLARE FUNCTION f() AS LONG
DECLARE FUNCTION f1 (BYVAL v AS LONG) AS LONG


FUNCTION PBMAIN () AS LONG


DIM t AS STRING, st AS STRING ,st1 AS STRING
DIM act AS opcodestring, act1 AS opcodestring
DIM v AS LONG

' clear the eax register, increment it  and return

st=CHR$(&h33)+CHR$(&hc0)+CHR$(&h40)+CHR$(&hc3)  ' xor eax,eax inc eax ret

' extract the parameter from the stack into eax and return

st1=CHR$(&h5a)+CHR$(&h58)+CHR$(&h52)+CHR$(&hc3) ' pop edx pop eax push edx ret

act.s=STRPTR(st): act1.s=STRPTR(st1)  ' set string pointers

' Test the strings

'print act.f()     ' answer 1
'print act1.f1(42) ' answer 42

CALL DWORD act.f USING f() TO v: t=STR$(v)
CALL DWORD act1.f1 USING f1(42) TO v: t=t+"    "+STR$(v)

MSGBOX t

END FUNCTION


Edwin Knoppert

Neat..
I thought it required VirtualAlloc() or something to execute opcode.

Charles Pegge

No, you can execute opcodes from anywhere as long as there are no address dependencies in the code itself. Since most x86 calls and jumps are 'relative' and variables are stack based or indexed from a register, this is very easy to do.

As you can see, some of the coding effort goes into persuading Basic that what you want to do is legitimate and that you are not just messing about.
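The question raised above about special memory, as an added example in C for Linux/x86 (not code from the thread): on a system with DEP/NX enforced the pages holding a string's data are not executable, so the bytes are copied into a page obtained from mmap(2) and switched to read+execute before the call. The 32-bit branch uses the two byte strings from the posts above; the 64-bit branch uses the equivalent encodings for the System V AMD64 ABI, where the argument arrives in EDI rather than on the stack. OP_ONE, OP_PARAM, load_opcodes, call_one and call_param are names chosen here.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#if defined(__x86_64__)
static const uint8_t OP_ONE[]   = { 0x31, 0xc0, 0xff, 0xc0, 0xc3 }; /* xor eax,eax ; inc eax ; ret  (inc eax is ff c0: 0x40 is a REX prefix in 64-bit mode) */
static const uint8_t OP_PARAM[] = { 0x89, 0xf8, 0xc3 };             /* mov eax,edi ; ret  (System V AMD64 passes the first argument in EDI, not on the stack) */
#define CALLCONV
#elif defined(__i386__)
static const uint8_t OP_ONE[]   = { 0x33, 0xc0, 0x40, 0xc3 }; /* xor eax,eax ; inc eax ; ret */
static const uint8_t OP_PARAM[] = { 0x5a, 0x58, 0x52, 0xc3 }; /* pop edx ; pop eax ; push edx ; ret */
#define CALLCONV __attribute__((stdcall))  /* OP_PARAM pops its own argument, so the caller must not */
#else
#error "these opcode strings are x86 only"
#endif

union opcodestring { void *s; int (CALLCONV *f)(void); int (CALLCONV *f1)(int); }; /* as the Basic UNION above */

/* Copy an opcode string into a fresh anonymous page and return it as read+execute memory.
 * The page is writable only while it is being filled (W^X); NULL if mmap or mprotect fails. */
static void *load_opcodes(const uint8_t *code, size_t len)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    if (len > pagesz) return NULL;
    void *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return NULL;
    memcpy(page, code, len);
    if (mprotect(page, pagesz, PROT_READ | PROT_EXEC) != 0) { munmap(page, pagesz); return NULL; }
    return page;
}

/* Run OP_ONE: expected 1 (-1 if the page could not be prepared). */
int call_one(void)
{
    union opcodestring act = { load_opcodes(OP_ONE, sizeof OP_ONE) };
    int r = act.s ? act.f() : -1;
    if (act.s) munmap(act.s, (size_t)sysconf(_SC_PAGESIZE));
    return r;
}

/* Run OP_PARAM with v: expected v, handed back through EAX. */
int call_param(int v)
{
    union opcodestring act1 = { load_opcodes(OP_PARAM, sizeof OP_PARAM) };
    int r = act1.s ? act1.f1(v) : -1;
    if (act1.s) munmap(act1.s, (size_t)sysconf(_SC_PAGESIZE));
    return r;
}
```

Build with `-m32` on a 32-bit-capable toolchain to exercise the original byte strings; the default 64-bit build runs the AMD64 equivalents.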

Donald Darden

It's an interesting idea, but where or why would you expect to resort to this? I could see that you could read something into a string to execute it this way, but I can't conceive of anything I would trust to read in this manner and trust on the blind to do something beneficial for my program. If it were already in my program, then it would actually be much easier to use the inline assembler.

Charles Pegge

This technique can be used in scripting languages to compile on-the-fly instead of interpreting text or byte code. This is especially useful for speeding up repetitive blocks of code.

It opens up all kinds of possibilities for high level language development, resolving the conflict between speed and flexibility.

Eros Olmi

FBSL interpreter uses this technique: www.fbsl.net
If you install it there are some examples showing it
thinBasic Script Interpreter - www.thinbasic.com | www.thinbasic.com/community
Win7Pro 64bit - 8GB Ram - Intel i7 M620 2.67GHz - NVIDIA Quadro FX1800M 1GB

Charles Pegge


Thanks Eros, I had a look at their website and online manual. They seem to have everything! I would quite like to know how to create DLLs and EXE files from scratch. Header formats and table etc. Not that these are needed with dynamic compilation.

Gérôme Guillemin

Quote from: Charles Pegge on June 23, 2007, 01:47:03 PM

Thanks Eros, I had a look at their website and online manual. They seem to have everything! I would quite like to know how to create DLLs and EXE files from scratch. Header formats and table etc. Not that these are needed with dynamic compilation.

The opcode technique is used within the FBSL Eclecta's IDE, an IDE 100% made in FBSL code with syntax color done thanks to these opcodes :)