Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

If you are using Microsoft C, you will need to use _emit e.g.

__asm {
_emit 0x00
}

Shaun

Satish wrote:
> Hi all,
>
> How to compile Inline Assembly code.
>
> __asm {
> dd 00h
> }
>
> If i compile this line it is giveing following error.
>
> error C2400: inline assembler syntax error in ‘opcode’; found
> ‘constant’
>
> Is their any way to compile this ?
>
> Thanks in Advance,
> Satish K.S
>
> —
> You are currently subscribed to ntfsd as: xxxxx@sdlabs.demon.co.uk
> To unsubscribe send a blank email to
> leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

try putting your asm statement in quotes …
__asm {
“dd 00h \n”
}

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Satish
Sent: Thursday, May 10, 2001 4:35 PM
To: File Systems Developers
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@veritas.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Thanks a lot. It iw working fine now :slight_smile:

Regards,
Satish K.S

If you are using Microsoft C, you will need to use _emit e.g.

__asm {
_emit 0x00
}

Shaun

Satish wrote:
> > Hi all,
> >
> > How to compile Inline Assembly code.
> >
> > __asm {
> > dd 00h
> > }
> >
> > If i compile this line it is giveing following error.
> >
> > error C2400: inline assembler syntax error in ‘opcode’; found
> > ‘constant’
> >
> > Is their any way to compile this ?
> >
> > Thanks in Advance,
> > Satish K.S
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@sdlabs.demon.co.uk
> > To unsubscribe send a blank email to
> > leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@aalayance.com
> To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

you searching for a NT Driver that totally written on assembler ?
for what ?!?!
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 3:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Yea i am searching Driver which is written totally in Assembler.
Do u have any idea where i can get sample ?

Regards,
Satish K.S

----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 8:06 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you searching for a NT Driver that totally written on assembler ?
for what ?!?!
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 3:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

BITS 32

GLOBAL _DriverEntry
_DriverEntry:
xor eax , eax
retn 8

compile and link this to a .sys and you got a driver which does nothing , but loads.
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 4:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: danp@jb.rdsor.ro
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

no , i dont . and i believe you dont have any reason to do it…

if it is just to learn somthing its ok . but other then that the ddk offer you everything.
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 3:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am searching Driver which is written totally in Assembler.
Do u have any idea where i can get sample ?

Regards,
Satish K.S

----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 8:06 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you searching for a NT Driver that totally written on assembler ?
for what ?!?!
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 3:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Don’t use dd, use #define or int i, instead

Regards, Dejan.

Satish wrote:

Hi all, How to compile Inline Assembly code. __asm { dd 00h} If i
compile this line it is giveing following error. error C2400: inline
assembler syntax error in ‘opcode’; found ‘constant’ Is their any way
to compile this ? Thanks in Advance,Satish K.S —
You are currently subscribed to ntfsd as: xxxxx@ptt.yu
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


Kind regards, Dejan M. CEO Alfa Co. www.alfaunits.co.yu and
www.register.co.yu
E-mail : xxxxx@ptt.yu, xxxxx@register.co.yu and
xxxxx@alfaunits.co.yu
ICQ# : 56570367
Professional file&system related components and libraries for Win32
developers.
Alfa File Monitor - #1 file monitoring system for Win32 developers.
Alfa File Protector - #1 file protection and hiding system for Win32
developers.
Alfa Units - #1 file and system handling units for Delphi.


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Thanks u …

I need Filter Driver which is written completly in Assembly. Can u point me somewhere for Sample ?

Regards,
Satish K.S
----- Original Message -----
From: danp
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:48 PM
Subject: [ntfsd] Re: Compiling inline Assembly

BITS 32

GLOBAL _DriverEntry
_DriverEntry:
xor eax , eax
retn 8

compile and link this to a .sys and you got a driver which does nothing , but loads.
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 4:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: danp@jb.rdsor.ro
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

S> Thanks u …
S> I need Filter Driver which is written completly in Assembly. Can u point me somewhere for Sample ?

Do You think that you’re storng enough to write FSF in assembler? I’ve
tried to do the same in the case of win9x. Tonns of possible BSODS in
each asm line:). Though I’ve done it at least, I’m not sure that I’ll
do the same for NT (or even try).
You’d better concentrate on encryption algos such as DES,… which
would keep your data safe, even if the algorithm is well known.


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Well , there is no such sample. And basicaly , you dont need one. If you know assembly for IA32 , and you know how to write a filter driver in C it will be trivial to port it. Altough it would be an overkill. Just imagine how many structures , enums and stuff you have to translate into
include files from ntddk.h. Waste of time. Unless you are writing custom debugging tools , or you need to interact with HW bypassing NT support , youl hardly ever need to write a single line of code in assembly.
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Friday, May 11, 2001 7:28 AM
Subject: [ntfsd] Re: Compiling inline Assembly

Thanks u …

I need Filter Driver which is written completly in Assembly. Can u point me somewhere for Sample ?

Regards,
Satish K.S
----- Original Message -----
From: danp
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:48 PM
Subject: [ntfsd] Re: Compiling inline Assembly

BITS 32

GLOBAL _DriverEntry
_DriverEntry:
xor eax , eax
retn 8

compile and link this to a .sys and you got a driver which does nothing , but loads.
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 4:24 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Can i get any sample for NT Driver which is written in Assembly. ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 7:15 PM
Subject: [ntfsd] Re: Compiling inline Assembly

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

the idea is to make a label and just and nop the places you like to modify (nop cost one byte (opcode)).

and then i just write to the label offset.

it mostly the same ;).

have fun,
Nuno1
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:57 PM
Subject: [ntfsd] Re: Compiling inline Assembly

Yea i am doing Self modify. Do u have any sample for this ?

Regards,
Satish K.S
----- Original Message -----
From: Nuno1
To: File Systems Developers
Sent: Thursday, May 10, 2001 6:16 PM
Subject: [ntfsd] Re: Compiling inline Assembly

you cant use in inline assembler any DB , DW , DD etc , also DUP or THIS is not vaild to use on an inline assembler.
why do u need to do it ? are you trying to do a self modify code ?
----- Original Message -----
From: Satish
To: File Systems Developers
Sent: Thursday, May 10, 2001 1:04 PM
Subject: [ntfsd] Compiling inline Assembly

Hi all,

How to compile Inline Assembly code.

__asm {
dd 00h
}

If i compile this line it is giveing following error.

error C2400: inline assembler syntax error in ‘opcode’; found ‘constant’

Is their any way to compile this ?

Thanks in Advance,
Satish K.S


You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: danp@jb.rdsor.ro
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@aalayance.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: danp@jb.rdsor.ro
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

On the May 10 Nuno the First wrote

i saw the answer about the _emit , good to know about it :wink: but here is mostly the same way.

__asm {
jmp domodify
modifyhere:
nop ;will become INT 20 (CDh,20h)
nop
ret
domodify:
mov BYTE PTR [modifyhere],0xcd
mov BYTE PTR [modifyhere+1],0x20
jmp modifyhere
}

In the code above the storage to modify would be in the code section. If I am not mistaking modification of such a storage
is not possible under W2k (there’s a note in new DDK releases
or article in the knowledge base that the driver code sections are
read only).
_emit itself is used in Win9x DDK to represent the VMM call.

The best regards,
Alex


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

> On the May 10 Nuno the First wrote

> i saw the answer about the _emit , good to know about it :wink: but here is
mostly the same way.
>
> __asm {
> jmp domodify
> modifyhere:
> nop ;will become INT 20 (CDh,20h)
> nop
> ret
> domodify:
> mov BYTE PTR [modifyhere],0xcd
> mov BYTE PTR [modifyhere+1],0x20
> jmp modifyhere
> }
>

In the code above the storage to modify would be in the code section.
If I am not mistaking modification of such a storage
is not possible under W2k (there’s a note in new DDK releases
or article in the knowledge base that the driver code sections are
read only).
_emit itself is used in Win9x DDK to represent the VMM call.

In win2k if we overwrite System file then it doesnt allow. Above code is in
Run Time modifying itself. I think that is possible.

Regards,
Satish K.S


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Is not a question of “system file” or whatever , it is a question of page
level protection. Starting with 486 CPU’s , a new bit was introduced in Cr0
, the WP (Write Protect) bit ,
which prohibits even ring0 code to write on Read Only pages , when set.
This , combined with the fact Win2k by default enforces write protection on
code section of binarys (default, can be modified trough
EnforceWriteProtection registry key), will prevent writes to RO pages. Of
course , this can be bypassed , but again , take our advice and forget this
stuff , focus on a clean & reliable implementation of your toy. You dont
need self modifing code in a filter driver , you dont need ASM in it , you
need a clean and , in the even this is
a encryption filter , a good cryptographic aproach.

----- Original Message -----
From: “Satish”
To: “File Systems Developers”
Sent: Friday, May 11, 2001 2:14 PM
Subject: [ntfsd] Re: Compiling inline Assembly

>
> > On the May 10 Nuno the First wrote
> >
> > > i saw the answer about the _emit , good to know about it :wink: but here
is
> mostly the same way.
> > >
> > > __asm {
> > > jmp domodify
> > > modifyhere:
> > > nop ;will become INT 20 (CDh,20h)
> > > nop
> > > ret
> > > domodify:
> > > mov BYTE PTR [modifyhere],0xcd
> > > mov BYTE PTR [modifyhere+1],0x20
> > > jmp modifyhere
> > > }
> > >
> >
> > In the code above the storage to modify would be in the code
section.
> If I am not mistaking modification of such a storage
> > is not possible under W2k (there’s a note in new DDK releases
> > or article in the knowledge base that the driver code sections are
> > read only).
> > _emit itself is used in Win9x DDK to represent the VMM call.
> >
>
> In win2k if we overwrite System file then it doesnt allow. Above code is
in
> Run Time modifying itself. I think that is possible.
>
> Regards,
> Satish K.S
>
>
> —
> You are currently subscribed to ntfsd as: danp@jb.rdsor.ro
> To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

i dont know , maybe it wont , but then any code modificaion will not work.
you can change the read only to read/write on the registery btw … i did it
… (well softice did it for me :wink: )
----- Original Message -----
From: Alexei Chentsov
To: File Systems Developers
Sent: Friday, May 11, 2001 1:02 PM
Subject: [ntfsd] Re: Compiling inline Assembly

> On the May 10 Nuno the First wrote
>
> > i saw the answer about the _emit , good to know about it :wink: but here is
mostly the same way.
> >
> > __asm {
> > jmp domodify
> > modifyhere:
> > nop ;will become INT 20 (CDh,20h)
> > nop
> > ret
> > domodify:
> > mov BYTE PTR [modifyhere],0xcd
> > mov BYTE PTR [modifyhere+1],0x20
> > jmp modifyhere
> > }
> >
>
> In the code above the storage to modify would be in the code section.
If I am not mistaking modification of such a storage
> is not possible under W2k (there’s a note in new DDK releases
> or article in the knowledge base that the driver code sections are
> read only).
> _emit itself is used in Win9x DDK to represent the VMM call.
>
> The best regards,
> Alex
>
> —
> You are currently subscribed to ntfsd as: xxxxx@netvision.net.il
> To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com