radareorg / radare2

UNIX-like reverse engineering framework and command-line toolset
https://www.radare.org/
GNU Lesser General Public License v3.0

asm.nz/x86: cannot assemble `call dword [mem32]` #11611

Open tesuji opened 6 years ago

tesuji commented 6 years ago

Work environment

Questions | Answers
OS/arch/bits (mandatory) | Debian v9.5 x86_64
Architecture/bits of the file (mandatory) | x86/32
r2 -v full output, not truncated (mandatory) | radare2 3.0.0-git 1 @ linux-x86-64 git.3.0.0-git commit: b56c4862ebea4681cc38a9cea5b884e3a49e2b2f build: 2018-09-21__12:04:28

Expected behavior

x86 and x86.nz asm plugins should work:

% rasm2 -a x86 -b 32 'call dword [0x11223344]'
ff1544332211   
% rasm2 -a x86.nz -b 32 'call dword [0x11223344]'
ff1544332211   

Actual behavior

% rasm2 -a x86 -b 32 'call dword [0x11223344]'
Cannot assemble 'call dword [0x11223344]' at line 3
invalid
% rasm2 -a x86.nz -b 32 'call dword [0x11223344]'
Cannot assemble 'call dword [0x11223344]' at line 3
invalid

Additional information

The reverse operation works:

% rasm2 -a x86 -b 32 -d 'ff1544332211'
call dword [0x11223344]

x86.as and x86.nasm plugins work well:

% rasm2 -a x86.nasm -b 32 'call dword [0x11223344]'
ff1544332211   
% rasm2 -a x86.as -b 32 'call dword [0x11223344]'
ff1548332211

tesuji commented 6 years ago

Updated with radare/radare2 docker image.

tesuji commented 6 years ago

x86.nz plugin does not work either.

sudhackar commented 6 years ago

I think this goes under the same bug.

$ rasm2 -a x86 -b 32 'call dword [eax]'     
ff10
$ rasm2 -a x86 -b 32 'call dword [10*eax]'
ff10
$ rasm2 -a x86 -b 32 'call dword [110*eax]'
ff10
$ rasm2 -a x86 -b 32 'call dword [4*eax]'  
ff10
$ rasm2 -a x86 -b 32 'call dword [4*eax+7]'
ff5007
$ rasm2 -a x86 -b 32 'call dword [4*eax+0]'
ff10
$ rasm2 -a x86 -b 32 'call dword ptr [4*eax+0]'
ff10
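
The byte sequences quoted in the report and in the comment above can be checked without an assembler at hand. What follows is an added example, not radare2 or rasm2 code: a small Python encoder for the 32-bit `call dword [mem]` form (opcode FF /2) that covers the absolute-address case from the original report and the register and scaled-index cases listed just above. The names `parse_mem`, `encode_call_mem32`, `assemble_hex` and `rejects` are this example's own. It goes slightly beyond the thread by also handling a base register combined with an index and a 32-bit displacement.

```python
# Added example, not radare2/rasm2 code: a minimal encoder for the 32-bit
# `call dword [mem]` instruction (opcode FF /2), so the byte sequences quoted
# in this thread can be checked independently of any assembler plugin.
import re
import struct

REG32 = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3, "esp": 4, "ebp": 5, "esi": 6, "edi": 7}
SCALE_BITS = {1: 0, 2: 1, 4: 2, 8: 3}
CALL_EXT = 2  # the /2 field of the FF opcode group selects CALL r/m32

MEM_RE = re.compile(r"\s*(?:dword\s+(?:ptr\s+)?)?\[(.*)\]\s*")


def parse_mem(operand):
    """Parse 'dword [base + scale*index + disp]' (any order, any subset).

    Returns (base, index, scale, disp) with register names or None.
    Raises ValueError for shapes the hardware cannot encode, such as a
    scale that is not 1, 2, 4 or 8 (so '[10*eax]' is rejected, not mangled).
    """
    m = MEM_RE.fullmatch(operand)
    if not m:
        raise ValueError("not a memory operand: %r" % operand)
    base = index = None
    scale, disp = 1, 0
    for term in m.group(1).replace(" ", "").split("+"):
        if "*" in term:
            a, b = term.split("*", 1)
            reg, s = (a, b) if a in REG32 else (b, a)
            if reg not in REG32 or index is not None:
                raise ValueError("bad scaled term: %r" % term)
            scale = int(s, 0)
            if scale not in SCALE_BITS:
                raise ValueError("unsupported scale %d in %r" % (scale, term))
            index = reg
        elif term in REG32:
            if base is None:
                base = term
            elif index is None:
                index = term
            else:
                raise ValueError("too many registers in %r" % operand)
        else:
            disp += int(term, 0)  # accepts decimal and 0x... forms
    if index == "esp":
        raise ValueError("esp cannot be an index register")
    return base, index, scale, disp


def encode_call_mem32(operand):
    """Return the bytes of `call dword [operand]` in 32-bit mode."""
    base, index, scale, disp = parse_mem(operand)
    disp32 = struct.pack("<I", disp & 0xFFFFFFFF)

    if base is None and index is None:
        # Absolute address: mod=00 rm=101 means "disp32, no base" in 32-bit mode.
        # This is the ff 15 <disp32> form the original report expects.
        return bytes([0xFF, (CALL_EXT << 3) | 5]) + disp32

    if base is None:
        # Scaled index with no base: ModRM rm=100 selects a SIB byte, and a
        # SIB base of 101 with mod=00 means "no base, disp32 follows".
        sib = (SCALE_BITS[scale] << 6) | (REG32[index] << 3) | 5
        return bytes([0xFF, (CALL_EXT << 3) | 4, sib]) + disp32

    # A base register is present: choose the shortest displacement encoding.
    # [ebp] with no displacement must still carry a disp8 of 0, because
    # mod=00 rm=101 (or SIB base=101) is taken by the no-base forms above.
    if disp == 0 and base != "ebp":
        mod, disp_bytes = 0, b""
    elif -128 <= disp <= 127:
        mod, disp_bytes = 1, struct.pack("<b", disp)
    else:
        mod, disp_bytes = 2, disp32

    # esp as a base can only be expressed through a SIB byte (index=100 = none).
    if index is not None or base == "esp":
        idx = 4 if index is None else REG32[index]
        sib = (SCALE_BITS[scale] << 6) | (idx << 3) | REG32[base]
        return bytes([0xFF, (mod << 6) | (CALL_EXT << 3) | 4, sib]) + disp_bytes
    return bytes([0xFF, (mod << 6) | (CALL_EXT << 3) | REG32[base]]) + disp_bytes


def assemble_hex(operand):
    """Hex string in the same form rasm2 prints, e.g. 'ff1544332211'."""
    return encode_call_mem32(operand).hex()


def rejects(operand):
    """True when the operand has no valid encoding."""
    try:
        encode_call_mem32(operand)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # The operands quoted in the thread, plus a base+index+disp32 case.
    for op in ("dword [0x11223344]", "dword [eax]", "dword [4*eax+7]",
               "dword ptr [4*eax+0]", "[esp]", "[ebp]", "[eax+ebx*2+0x100]"):
        print("%-26s %s" % (op, assemble_hex(op)))
    for op in ("dword [10*eax]", "dword [110*eax]"):
        print("%-26s %s" % (op, "rejected" if rejects(op) else assemble_hex(op)))
```

Two details are worth noting when comparing against the outputs above. A scaled index with no base register cannot use the three-byte `ff 50 xx` form: without a base the ModRM byte must point at a SIB byte whose base field is 101, and that combination always carries a 32-bit displacement, so `[4*eax+7]` encodes as `ff 14 85 07 00 00 00`. And a scale that is not 1, 2, 4 or 8 has no encoding at all, so the encoder raises instead of emitting bytes for `[10*eax]`.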

Maijin commented 5 years ago

Greetings,

x86.nz (x86 handmade assembler) is one of the many x86 assemblers available in radare2 and is updated frequently. Please add a test case so we can fix x86.nz in https://github.com/radare/radare2-regressions/tree/master/new/db/asm (see https://github.com/radare/radare2-regressions/blob/master/new/README.md). You can do so with the GitHub web editor without even cloning the repo.

You can contribute to x86.nz by completing the following file: https://github.com/radare/radare2/blob/master/libr/asm/p/asm_x86_nz.c. You can also use keystone (http://keystone-engine.org) within radare2/rasm2 by installing the radare2 plugin via r2pm:

    r2pm -i keystone-lib
    r2pm -i keystone

then

    rasm2 -a x86.ks…

or in a radare2 session

    e asm.assembler = x86.ks

Other x86 assemblers are also available through r2pm or master (see the rasm2 -L list):

a___  16 32 64   x86.as      LGPL3   Intel X86 GNU Assembler
a___  16 32 64   x86.nasm    LGPL3   X86 nasm assembler
a___  16 32 64   x86.nz      LGPL3   x86 handmade assembler
ad__  32         x86.olly    GPL2    OllyDBG X86 disassembler

Maijin commented 5 years ago

And no @sudhackar this is not the same issue. Please open a new issue with that info.