Your code snippet would return -1, as a char. If you cast to unsigned char, you'd (usually) get 255, but that's implementation-defined (most systems are two's complement, but it's not defined by the C spec).

putc() takes an int as its first argument, so.. no, you don't need to cast. The manual says it casts that to an unsigned char before writing.

You refer to the ABI to see what bit width an int has. On x86 (and x86_64), it's 32 bits. long is 64 bits wide, and short is 16.

Did you read what was inside the parentheses? Maybe you should

Either way, after reading all of what you guys discussed, I decided to get down to coding:


Code:


This works like a cat program, but only for strings with less than 4 characters, NASM also gives the following output:



I think it zeroed the string, but I'm not quite sure.

There's also this line:


Code:


I also got this piece of code from Tari, but he reserved 64 bytes, while I reserved 128.

Also, I can't seem to use push in x86-64, NASM says it's not supported in 64 mode.

Did you read what we said? The size isn't stored anywhere. You would have to use strlen() and save that somewhere, and then you would need to remember to update that size each time you update the string. It isn't worth it.

Regarding the rest of it, I don't really know. But I do think it is odd that you keep trying to read from stdout.

Uninitialized data traditionally goes in .bss. It doesn't matter much where you put data, as long as it's paged read-write and ideally not executable.


That dumps a null terminator at the last byte of the input, using the typical convention of null-terminating string. Disclaimer saves the day, I was mixing Intel and AT&T syntax. Make it 'mov byte ..'.


push is implicitly 64-bit in 64-bit mode. Straight 'push eax' is illegal in 64-bit mode since you're telling it to push a 32-bit register into a stack slot that's 64 bits wide. Either push rax or manually manipulate rsp (prefer the former).

That also implies you're trying to build the same code for 32 and 64-bit binaries, which is totally wrong (nasm -f elf vs nasm -f elf64). At the very least, you need to use the syscall instruction rather than int 80.

Finally, I don't feel like being anyone's personal debugger. Make gdb your friend.
Code:

Here's a version of your code that reads up to 128 bytes and prints exactly as many bytes as are input:

Code:

Notice that I moved eax into edx between the read and the write calls. That's the number of bytes that were input which we want to use for writing.

If you wanted to write a more functional "cat" program, you would add a jump instruction (eg, jmp) after the write system call to go back to the beginning, and also add a conditional jump after the read system call. If eax is zero or less than zero after the read system call, then jump to the exit syscall. Zero means end of file, and less than zero means there was an error while reading, and for either case you want to exit.

One of my problems was the file descriptor for stdout (now I see it's 0, thanks christop), which I couldn't find online.

Thank you a lot for the sample

I tried something a bit more complex now:


Code:


But here's a sample run:


Code:


I coded it so that the output would be:


Code:

Here are the standard file descriptors:

• 0=stdin
• 1=stdout
• 2=stderr

Even Wikipedia lists these file descriptors.

The first thing that I notice is that your strings aren't null-terminated, so that may be part of your problem.

Thanks a lot! I tried to fix it:


Code:


However, here's an example run:



I don't understand why it's outputing "Username: Password: " in the first line of output.

It also doesn't fully output "mysecretpassword", it only does "mysecretpa".

Oh, because in this line

Code:

you are subtracting the location of usernameText from the location of the current position of the code, which includes Username: and Password:. Move that line to right before this line.

Code:

Code:

You didn't specify the number of bytes to write. You need to load the correct value into edx ("Username: " is 10 bytes) before calling the write system call. Same thing with the other calls to write. In your code, you're putting the length of the password input into edx, which is 17 ("mysecretpassword" plus a newline character), so the write syscall prints out 17 bytes starting at "Username: ". The text "Password: " follows right after that in memory, so the write prints it all out contiguously.

These system calls don't care about null-terminated strings. They take a starting address and a byte count, and they return how many bytes they actually read or wrote in the eax register. In most cases, writes will write as many bytes as you told it to write, but when reading from a terminal that is in "canonical" mode (which is the default mode), the read system call will read only one line of data from the user at a time. (You can put the terminal, or rather the tty, into other modes which will give the read system call different behaviors, such as returning immediately when a character is typed, but I won't go into those modes right now).

EDIT: Oh, I see you fixed that by saving the input lengths and using them in each write call. You must have done that while I was writing my original post. Instead of using edi and esi, you could also save the input lengths (in eax) to variables.

Code:


This works very well, I enter username and password and it outputs just as I want it

However, I'm looking for a way to save the size of input and output in variables.

I also want to know how to use this code inside a C program.

That's pretty easy. You're already using variables for the username and password. Just declare two more variables (eg, usernamesize and passwordsize) as 4 bytes each (ie, 32 bits), and then replace "esi" with "[usernamesize]" and "edi" with "[passwordsize]". I just did this and it works the same as yours does.


There are at least two ways to do this: have separate C and asm source files, or have inline asm in your C source file. I prefer having them separate (some people prefer having them together). I'll explain how to do it with separate source files.

First you would have to change the last system call (the exit call) to a "ret" statement. Then you need to change the _start label to something else. Whatever name you choose, that is how you will call the function from C. For example, if you call it "get_username_and_password", you will call it as "get_username_and_password()" in C.

If you want to return a value, load the return value in eax before you return from the function. This works for integers (char, int, and long) and pointer return types, but not for more complex types like structs; I don't know the exact method to return structs, and it's generally not a good idea to return them from a function like that anyway.

Then there's the issue of mixing read()/write() calls with the stdio functions like scanf()/printf()/fread()/fwrite(). The stdio functions use read()/write() to do their work, but they also buffer their output and read ahead their input, which might lead to your input/output being out of the expected order if you mix system calls and stdio calls. You can avoid the problems with buffered output by calling fflush() before calling write(). However, mixing the input stdio calls and read system call can still be an issue.

Prepend an underscore to the name in your assembly source if you're doing that, since the compiler will expect to find the symbol '_foo' if you prototype some function 'foo'.

Take care to obey the system's ABI as well. In particular, ebx, esi and edi are callee-saved on 32-bit Linux, so if you modify those without returning them to their original values things will probably blow up in an unpredictable fashion.

If you expect to take any arguments, you'll need to follow the calling conventions (cdecl by default on 32-bit Linux) as well. That also happens to define how to return large values (floats, any other types longer than 32 bits..).

I think inlining assembly tends to be a more useful approach, and should in most cases be a last optimization step. Trying to write any assembly before the program works and you've identified performance issues is premature optimization in my mind. Not that the same axiom really holds when you've specifically chosen to write a things in assembly, though. The advantage of writing a whole routine inline in assembly is that you don't need to worry about calling conventions- you can specify parameter names and all that jazz and let the compiler work out offsets and such.

It's a pity the OS doesn't let you get close enough to the hardware to talk to the screen driver...

So what happens when you have some malware that renders pr0n onscreen instead of whatever you actually wanted? It would be nearly impossible to remove, especially on a system without any remote access provisions installed.

Keeping random programs from playing directly with the hardware is a good thing. Not only from the security standpoint, but also from the stability standpoint. What happens when your program that's talking directly to the display hardware crashes? The system is left in an indeterminate state. Even worse, you could set the video output to a mode unsupported by the display device and damage the hardware (not so much on new displays, but you can certainly do that to older CRTs).

If you really want to play with the display, Linux will allow you to mess with the framebuffer devices. Memory-map the device node (eg /dev/fb0) and treat it like a memory-mapped IO device that draws to the screen.
That or you can just work in X and display things to fit your whims..

I never said it wasn't a good thing that OSes abstract from the hardware, just that it's a lot less fun to program with that abstraction. Really, the greatest strength of Assembly is in working with hardware. By not permitting hardware access (which is definitely a good thing for security. MS-DOS would be a mess now...), you essentially eliminate the greatest strength of the language. Well written ASM is definitely faster than any equivalent compiler output, but that's like saying people use C because it has pointers. Sure, it's a useful feature, but that's not the strength of the language.

I won't disagree there- assembly is significantly less interesting when you don't get to play with hardware. That's a great reason to start playing with embedded systems and microcontrollers!

No, no it isn't. Besides, even the OS doesn't get to draw directly onto the screen - only the video driver does, and how it manages to do that is extremely complicated or complete undocumented. Nvidia, for example, will never tell you how to talk to their video cards. AMD will, so if you want to go dig through the documentation be my guest. Be warned, though, *every* generation and type of GPU has it's own rules, limitations, requirements, and protocols.

If you really want to run "on the metal", go write a kernel.

Also, unchecked hardware access is pretty easy to *kill* your hardware. Yeah, I'm sure your really eager to run on the metal now, right? The idea of bricking your computer sounds like loads of fun, right?

Back in 8th grade when I was writing x86 ASM, I remember that you could at least full-screen the command window and address characters, setting the background color, foreground color, and character, for pretty fun and nifty graphics.