
Topic: CALL vs JMP

Jokaste
CALL vs JMP
« on: October 06, 2017, 10:12:07 pm »
When I used MASM32, for the following example I did:

Code:
PUSH OFFSET szAppName
PUSH OFFSET szOtherStuff
PUSH NULL
CALL ShellAbout
JMP Eoj

Replaced by :

PUSH OFFSET szAppName
PUSH OFFSET szOtherStuff
PUSH NULL
PUSH OFFSET Eoj
JMP ShellAbout

.
.
.

Eoj :
         RET

I would like to do the same thing under PoAsm 64 bits, but I don't understand how to do it, because the call instruction is a jump instruction that pushes the return address first.

I would like to try this :

Code:
mov RCX,OFFSET szAppName
mov RDX,OFFSET szOtherStuff
mov R8,NULL
mov RAX,OFFSET Eoj
mov [rsp + 32],RAX
JMP ShellAbout

.
.
.

Eoj :
         RET


I would like some advice.
Thanks.
Kenavo

Vortex
Re: CALL vs JMP
« Reply #1 on: October 06, 2017, 11:04:33 pm »
Hi  Jokaste,

Your parameters do not look correct:

Code:
int ShellAbout(
  _In_opt_ HWND    hWnd,
  _In_     LPCTSTR szApp,
  _In_opt_ LPCTSTR szOtherStuff,
  _In_opt_ HICON   hIcon
);

https://msdn.microsoft.com/en-us/library/windows/desktop/bb762152%28v=vs.85%29.aspx
Code it... That's all...

Vortex
Re: CALL vs JMP
« Reply #2 on: October 06, 2017, 11:27:31 pm »
Hi Jokaste,

Could you try the code below?

Code:
MessageBoxA PROTO :QWORD,:QWORD,:QWORD,:QWORD
MessageBox EQU <MessageBoxA>

ExitProcess PROTO :QWORD

EXTERN ShellAboutA:PROC
ShellAbout TEXTEQU <ShellAboutA>

.data

msg     db 'Hello!',0
capt    db 'Test application',0

.code

main PROC PARMAREA=4*QWORD

        xor    rcx,rcx                ; hWnd = NULL
        mov    rdx,OFFSET capt        ; szApp
        mov    r8,OFFSET msg          ; szOtherStuff
        xor    r9,r9                  ; hIcon = NULL
        mov    rax,OFFSET finish
        push   rax                    ; push the return address by hand...
        jmp    ShellAbout             ; ...then jump instead of call

        mov    rax,OFFSET msg         ; this code
                                      ; is never reached

        mov    BYTE PTR [rax],65
finish:
        invoke MessageBox,0,ADDR msg,ADDR capt,0
        invoke ExitProcess,0

main ENDP

END
Code it... That's all...

Jokaste
Re: CALL vs JMP
« Reply #3 on: October 07, 2017, 01:59:17 am »
Thank you Vortex.

I have rewritten the main message loop like this:

Code:
                     ALIGN   16

@MsgLoop :

                        lea      rcx,_Msg
                        xor      rdx,rdx
                        xor      r8,r8
                        xor      r9,r9
                        call   GetMessageA

                        test   rax,rax
                        jz      @MsgLoopEnd

                           mov      rax,OFFSET hDlgFiles
                           lea      rdx,_Msg
                           mov      rcx,[rax]
                           call   IsDialogMessage

                           test   rax,rax
                           jnz      @MsgLoop

                              mov      rax,OFFSET hWndMain
                              mov      rdx,OFFSET hAccel
                              mov      rcx,[rax]
                              mov      rdx,[rdx]
                              lea      r8,_Msg
                              call   TranslateAccelerator

                              test   rax,rax
                              jnz      @MsgLoop

                                 lea      rcx,_Msg
                                 call   TranslateMessage

                                 mov      rax,OFFSET @MsgLoop
                                 lea      rcx,_Msg
                                 push   rax
                                 jmp      DispatchMessageA

                     ALIGN   16

@MsgLoopEnd :

                     mov      rax,_Msg.wParam
                     ret
« Last Edit: October 07, 2017, 02:01:31 am by Jokaste »
Kenavo

Jokaste
Re: CALL vs JMP
« Reply #4 on: October 07, 2017, 02:08:23 am »
When I had the following code I did:

Code:
call Func1
call Func2
jmp SomeWhere

Now I can do:

Code:
mov RAX,OFFSET SomeWhere
push RAX
mov RAX,OFFSET Func2
push RAX
jmp Func1

If there is no parameter that's OK, but because parameters are passed in registers (the first four parameters, of course), I can't do:

Code:
mov        r10,OFFSET SomeWhere
mov        rcx,rax                                        ; hWndMain
mov        rdx,SW_SHOWMAXIMIZED
push       r10
mov        rax,OFFSET hWndMain
mov        rcx,[rax]
mov        rax,OFFSET UpdateWindow
push       rax
jmp        ShowWindow

When UpdateWindow is called, RCX contains some value (but not the right one!). The only solution would be to do a "POP", but it would be executed at run time and would correct the stack, removing the return address for UpdateWindow.

This method is good only if the second function does not have parameters.
« Last Edit: October 07, 2017, 02:30:46 am by Jokaste »
Kenavo