Computer Organization and Assembly Language



Similar documents
CS 16: Assembly Language Programming for the IBM PC and Compatibles

Systems Design & Programming Data Movement Instructions. Intel Assembly

Complete 8086 instruction set

Software Fingerprinting for Automated Malicious Code Analysis

Using Heap Allocation in Intel Assembly Language

Analysis of Win32.Scream

How To Use A Computer With A Screen On It (For A Powerbook)

Faculty of Engineering Student Number:

Lecture 7: Machine-Level Programming I: Basics Mohamed Zahran (aka Z)

Computer Organization and Architecture

Abysssec Research. 1) Advisory information. 2) Vulnerable version

Assembly Language: Function Calls" Jennifer Rexford!

Machine Programming II: Instruc8ons

by Kip Irvine. Last update: 12/11/2003

A Tiny Guide to Programming in 32-bit x86 Assembly Language

Windows Assembly Programming Tutorial

Fighting malware on your own

BCD (ASCII) Arithmetic. Where and Why is BCD used? Packed BCD, ASCII, Unpacked BCD. BCD Adjustment Instructions AAA. Example

CS61: Systems Programing and Machine Organization

Character Translation Methods

8. MACROS, Modules, and Mouse

CHAPTER 6 TASK MANAGEMENT

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 20: Stack Frames 7 March 08

x64 Cheat Sheet Fall 2015

Unpacked BCD Arithmetic. BCD (ASCII) Arithmetic. Where and Why is BCD used? From the SQL Server Manual. Packed BCD, ASCII, Unpacked BCD

Instruction Set Architecture (ISA)

Return-oriented programming without returns

CPU performance monitoring using the Time-Stamp Counter register

IA-32 Intel Architecture Software Developer s Manual

Intel 8086 architecture

64-Bit NASM Notes. Invoking 64-Bit NASM

612 CHAPTER 11 PROCESSOR FAMILIES (Corrisponde al cap Famiglie di processori) PROBLEMS

Instruction Set Architecture

Assembly Language Tutorial

Notes on Assembly Language

About the Tutorial. Audience. Prerequisites. Copyright & Disclaimer

Windows XP SP3 Registry Handling Buffer Overflow

Outline. Lecture 3. Basics. Logical vs. physical memory physical memory. x86 byte ordering

Overview of IA-32 assembly programming. Lars Ailo Bongo University of Tromsø

Machine-Level Programming II: Arithmetic & Control

The 80x86 Instruction Set

Hacking Techniques & Intrusion Detection. Ali Al-Shemery arabnix [at] gmail

ASSEMBLY LANGUAGE PROGRAMMING (6800) (R. Horvath, Introduction to Microprocessors, Chapter 6)

The x86 PC: Assembly Language, Design, and Interfacing 5 th Edition

Chapter 1. Bootstrap. Hardware

Using MMX Instructions to Convert RGB To YUV Color Conversion

X86-64 Architecture Guide

INTRODUCTION TO PROGRAMMING THE 8086

CS:APP Chapter 4 Computer Architecture Instruction Set Architecture. CS:APP2e

Advanced Computer Architecture-CS501. Computer Systems Design and Architecture 2.1, 2.2, 3.2

Instruction Set Architecture. or How to talk to computers if you aren t in Star Trek

1 The Java Virtual Machine

Buffer Overflows. Security 2011

PART B QUESTIONS AND ANSWERS UNIT I

MACHINE ARCHITECTURE & LANGUAGE

Attacks on Virtual Machine Emulators

PC Assembly Language. Paul A. Carter

WLSI Windows Local Shellcode Injection. Cesar Cerrudo Argeniss (

Chapter 2 Topics. 2.1 Classification of Computers & Instructions 2.2 Classes of Instruction Sets 2.3 Informal Description of Simple RISC Computer, SRC

Administration. Instruction scheduling. Modern processors. Examples. Simplified architecture model. CS 412 Introduction to Compilers

Introduction. Application Security. Reasons For Reverse Engineering. This lecture. Java Byte Code

Writing an 8086 emulator in Python

PROBLEMS (Cap. 4 - Istruzioni macchina)

Gazi Üniversitesi Bilgisayar Mühendislii Bölümü

Lecture 3 Addressing Modes, Instruction Samples, Machine Code, Instruction Execution Cycle

King Fahd University of Petroleum and Minerals. College of Computer Science and Engineering. Computer Engineering Department COE 205

Comp 255Q - 1M: Computer Organization Lab #3 - Machine Language Programs for the PDP-8

8085 INSTRUCTION SET

High-Level Programming Languages. Nell Dale & John Lewis (adaptation by Michael Goldwasser)

Computer Architecture Lecture 2: Instruction Set Principles (Appendix A) Chih Wei Liu 劉 志 尉 National Chiao Tung University

PCI BIOS SPECIFICATION. Revision 2.1

esrever gnireenigne tfosorcim seiranib

Overview. CISC Developments. RISC Designs. CISC Designs. VAX: Addressing Modes. Digital VAX

Z80 Instruction Set. Z80 Assembly Language

LC-3 Assembly Language

l C-Programming l A real computer language l Data Representation l Everything goes down to bits and bytes l Machine representation Language

Stack Overflows. Mitchell Adair

Computer Organization and Components

COMPUTERS ORGANIZATION 2ND YEAR COMPUTE SCIENCE MANAGEMENT ENGINEERING JOSÉ GARCÍA RODRÍGUEZ JOSÉ ANTONIO SERRA PÉREZ

High-speed image processing algorithms using MMX hardware

ASSEMBLY PROGRAMMING ON A VIRTUAL COMPUTER

1 Classical Universal Computer 3

MICROPROCESSOR. Exclusive for IACE Students iacehyd.blogspot.in Ph: /422 Page 1

Performance monitoring with Intel Architecture

Attacking x86 Windows Binaries by Jump Oriented Programming

Base Conversion written by Cathy Saxton

Chapter 2: Elements of Java

1. General function and functionality of the malware

Instruction Set Design

CPU Organization and Assembly Language

Test Driven Development in Assembler a little story about growing software from nothing

TODAY, FEW PROGRAMMERS USE ASSEMBLY LANGUAGE. Higher-level languages such

Phoenix Technologies Ltd.

Computer Architecture Lecture 3: ISA Tradeoffs. Prof. Onur Mutlu Carnegie Mellon University Spring 2013, 1/18/2013

Off-by-One exploitation tutorial

Instruction Set Architecture (ISA) Design. Classification Categories

Heap-based Buffer Overflow Vulnerability in Adobe Flash Player

MICROPROCESSOR AND MICROCOMPUTER BASICS

Using the RDTSC Instruction for Performance Monitoring

The AVR Microcontroller and C Compiler Co-Design Dr. Gaute Myklebust ATMEL Corporation ATMEL Development Center, Trondheim, Norway

Transcription:

Computer Organization and Assembly Language Lecture 8 - Strings and Arrays Introduction We already know that assembly code will execute significantly faster than code written in a higher-level language such as BASIC, C++ or Java. We ll see that this can also apply to strings and array processing

String Primitive Instructions There are five groups of instructions for processing arrays of bytes, words and and doublewords. Although they are called string primitives they are not necessarily used just for strings. The groups are Moving string data Comparing strings Scanning Strings - comparing an integer to memory contents. Storing string data Loading the accumulator form a string Setting the ESI and EDI In Protected Mode ESI is automatically an offset in the segment to which DS points and EDI is automatically an offset in the segment to which ES points. DS and ES are set to the same values are cannot be changed.

Setting the ESI and EDI In Real Mode String primitives use SI and DI to address memory SI is an offset from DS and DI is an offset from ES. The programmer set these at the beginning of the main procedure: main proc mov ax, @data mov ds,ax mov es, ax Using rep The string primitives by themselves only act on a single memory location. The rep prefix will make an instruction repeat: rep Repeat while ECX > 0 repz, repe repnz, repne Repeat while ZF is set and ECX > 0 Repeat while ZF is cleared and ECX > 0

Using rep: An Example To act on an entire string,set the ECX with the counter and use the rep prefix before the instruction: cld ; clear direction flag mov esi, OFFSET string1 ; ESI pts to source mov edi, OFFSET string2 ; EDI pts to target mov ecx, 10 ; set counter to 10 rep movsb ; move 10 bytes Direction Flag The direction Flag is used to determine whether the ESI and EDI registers are incremented or decremented by the string primitives: Value of Direction Flag Effect on EDI and ESI Address Sequence Clear Incremented Low to high Set Decremented High to Low The CLD and STD instructions can explicitly change the Direction flag: cld ; clear Direction flag std ; set Direction flag

MOVSB, MOVSW, MOVSD Instructions Instruction MOVSB Meaning Move Bytes Value added/subtracted from ESI/EDI 1 MOVSW Move Words 2 MOVSD Move Doublewords 4 MOVSD: An Example.data source DWORD 20 dup (0FFFFFFFFh) target DWORD 20 dup (?).code cld ; direction = forward mov ecx, LENGTHOF source ; set REP counter mov esi, OFFSET source ; ESI pts to source mov edi, OFFSET target ; EDI pts to target rep movsd ; copy doublewords

CMPSB, CMPSW, CMPSD CMPSB, CMPSW and CMPWD each compare a memory operand pointed to by ESI to one pointed to by EDI You can use a repeat prefix with CMPSB, CMPSW and CMPWD. The direction flag increments or decrements ESI and EDI. CMPSB, CMPSW, CMPSD CMPSB, SMPSW and CMPWD each compare a memory operand pointed to by ESI to one pointed to by EDI CMPSB CMPSW CMPSD Compare Byte Compare Words Compare Doublewords You can use a repeat prefix with CMPSB, CMPSW and CMPWD. The direction flag increments or decrements ESI and EDI.

CMPSB, CMPSW, CMPSD: An Example.data source DWORD 1234h target DWORD 5678h.code mov esi, OFFSET source mov edi, OFFSET target cmpsd ; compare doublewords ja L1 ; jump if source > target jmp L2 ; jump, since source <= target CMPSB, CMPSW, CMPSD: Another Example We can compare multiple doublewords by initializing the ECX register and using a repeat prefix: mov esi, OFFSET source mov edi, OFFSET target cld ; direction = up mov ecx, count ; repetition counter repe cmpsd ; repeat until equal The repe prefix repeat the comparison until either ECX = 0 or a pair of doublewords are different.

Example: Comparing Two Strings TITLE Comparing String (Cmpsb.asm) ; This program uses CMPSB to compare two strings ; of equal length INCLUDE Irvine32.inc.data source BYTE "MARTIN " dest BYTE "MARTINEZ " str1 BYTE "Source is smaller", 0dh, 0ah, 0 str2 BYTE "Source is not smaller", 0dh, 0ah, 0.code main PROC cld ; direction = up mov esi, OFFSET source mov edi, OFFSET dest mov cx, LENGTHOF source repe cmpsb jb source_smaller mov edx, OFFSET str2 jmp done source_smaller: mov edx, OFFSET str1 done: call WriteString exit main ENDP END main

The Strings Before and After Before Before Source M a r t i n Source M a r t i n ESI ESI Dest M a r t i n e z Dest M a r t i n e z EDI EDI SCASB, SCASW, SCASD SCASB, SCASW, SCASD compare a value in the AL (or AX or EAX) register to a byte (or word or doubleword) addressed by the EDI register. This is useful when you re for a single value in a long string or array. REPE SCASB will scan a string while ECX > 0 and the value in AL matches each subsequent value in memory. REPNE SCASB will scan a string until ECX > 0 and the value in AL matches each subsequent value in memory.

Scanning For a Matching Character.data alpha BYTE ABCDEFGH, 0.code mov edi, OFFSET alpha ; EDI points to string mov al, 'F' ; search for the letter F mov ecx, LENGTHOF alpha ; set the search count cld ; direction = up repne scasb ; repeat while not equal jnz quit ; quit if letter not ; found dec edi ; found: back up EDI STOSB, STOSW, STOSD STOSB, STOSW, STOSD store the contents of the AL (or AX or EAX) in memory at the offset pointed to by EDI. EDI is incremented or decremented based on the direction flag. Using the rep prefix, an entire string can be filled with a single byte (or word or doubleword).

STOSB, STOSW, STOSD: An Example.data Count = 100 string1 BYTE Count DUP (?).code mov al, 0FFh ; value to be stored mov edi, OFFSET string1 ; ES;DI points to target mov ecx, Count ; character count cld ; direction = forward rep stosb ; fill with contents of AL LODSB, LODSW, LODSD LODSB, LODSW, LODSD loads a byte (or word or doubleword) frommemory at ESI into the AL (or AX or EAX) and the ESI is incremented or decremented based on the direction flag. rep is rarely used with LODSB, LODSW, LODSD because it would overwrite the same data. LODSB replaces the following: mov inc al, [esi] ; move byte into AL esi ; point to the next byte

Example: Multiply an Array TITLE Multiply an Array (Mult.asm) ; This program multiplies each element of an array ; 32-bit integers by a constant value. INCLUDE Irvine32.inc.data array DWORD 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 multiplier DWORD 10.CODE MAIN PROC cld ; direction = forward mov esi, OFFSET array ; source index mov edi, esi ; destination index mov ecx, LENGTHOF array ; loop counter L1: lodsd ; load [ESI] into ; EAX mul multiplier ; multiply by a ; value stosd ; store EAX into ; [EDI] loop L1 exit main ENDP END main

Selected String Procedures Str_compare Str_length Str_copy Str_trim Str_ucase Two-Dimensional Arrays Base-Index operands Base-Index Displacement

Searching and Sorting Integer Arrays Bubble Sort Binary Search