Comments for Insanely Low-Level http://www.ragestorm.net/blogs An Arkon Blog Sun, 30 Dec 2012 01:00:17 +0000 hourly 1 http://wordpress.org/?v=3.5 Comment on Trampolines In x64 by Sönke http://www.ragestorm.net/blogs/?p=107&cpage=1#comment-4747 Sönke Sun, 30 Dec 2012 01:00:17 +0000 http://www.ragestorm.net/blogs/?p=107#comment-4747 Hi guys,

I’m currently experimenting with the subject and found that 2) can be cured from the destruction of the register if you do the following:

push rax;
mov rax, ;
xchg rax, [rsp];
ret;

unfortunately the price is a 4 bytes longer code but seems to work fine.

Greetings

]]> Comment on Armstorm – ARM Disassembler by arkon http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4729 arkon Sat, 15 Dec 2012 17:38:17 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4729 Sweet, thanks.
I really like the (~mask & 1) -> !(mask & 1), I wonder if the compiler could know to do it on its own…

]]> Comment on Armstorm – ARM Disassembler by Peter Ferrie http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4720 Peter Ferrie Fri, 14 Dec 2012 20:15:26 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4720 actually, that first while should say !(mask & 1).
you don’t want to be performing ~mask every time, either.

]]> Comment on Armstorm – ARM Disassembler by Peter Ferrie http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4719 Peter Ferrie Fri, 14 Dec 2012 20:13:45 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4719 of course, it’s faster if you avoid checking mask==0 repeatedly:

if (mask)
{
int base = 0;
int runLength = 0;
while (~mask & 1) base++, mask >>= 1;
//mask is never zero here, always &1 initially
while (mask & 1) runLength++, mask >>= 1;
if (!mask && runLength > 2)
{

}
}

]]> Comment on Armstorm – ARM Disassembler by arkon http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4702 arkon Thu, 13 Dec 2012 10:42:27 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4702 Nice Ofek!

It could be really shortened, that what happens when you write code at 2:30 AM :)

I use this code to format a registers-list for some instructions. For example:

PUSH {R0-R7}
STMIA R0!, {R4-R6}

I want to show a sequence of more than 2 registers in the %d-%d format, and the rest will be separated (it wasn’t part of the snippet).

Suppose:
POP {R0, R5, R7}

Thumbs up ;)

]]> Comment on Armstorm – ARM Disassembler by Ofek Shilon http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4701 Ofek Shilon Thu, 13 Dec 2012 10:34:04 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4701 finds the location of the rightmost 1′s block (first while), and its length (second while).
The condition in the if ensures that this 1′s block was in fact the single one, of size at least 3.
Also, the second while condition can be shortened to ‘while (mask & 1)’.

Maybe its for analysis of R/M portions of opcodes?

]]> Comment on Armstorm – ARM Disassembler by arkon http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4698 arkon Thu, 13 Dec 2012 08:43:09 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4698 Not really… because it continues to count even though it found a zero bit… until when?

]]> Comment on Armstorm – ARM Disassembler by someone http://www.ragestorm.net/blogs/?p=401&cpage=1#comment-4697 someone Thu, 13 Dec 2012 08:32:24 +0000 http://www.ragestorm.net/blogs/?p=401#comment-4697 find position of first 0 bit and first 1 bit in the mask?

]]> Comment on diStorm-ARM by sai http://www.ragestorm.net/blogs/?p=395&cpage=1#comment-4521 sai Wed, 14 Nov 2012 05:05:27 +0000 http://www.ragestorm.net/blogs/?p=395#comment-4521 i expect it~this will be very useful for researching mobile security

]]> Comment on diStorm-ARM by doskey http://www.ragestorm.net/blogs/?p=395&cpage=1#comment-4502 doskey Tue, 13 Nov 2012 10:58:44 +0000 http://www.ragestorm.net/blogs/?p=395#comment-4502 Great! Looking forward the ARM version.

]]>