Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

Video Transcription

00:01
Hello. This is Dr Miller, and this is Episode 10.3 of Assembly.
00:06
Today, we're gonna talk about string functions,
00:09
so we'll start with the length of a string.
00:12
So we have the standard library available to us because we're using GCC and so we can use functions like Sterling.
00:20
And so if we're given a string A and we want to figure out how long it is right, we can copy that address. We talked about addresses and pointers in t a X,
00:29
push that onto the stack and then call Sterling and we just let sterling handle all of that. And so that's something that somebody has already written
00:37
basically scans through the string, figures out where the null byte is
00:42
and then returns how far it had to scan in order to get there. And then we go ahead and correct the stack.
00:47
So we're gonna look at maybe some of the low level string functions that we have. So here are some string instructions.
00:55
So a couple things to start off with.
00:58
So when we're getting ready to scan a string, we can talk about the direction flag
01:02
so C L D is clear. The direction flag. And that means when we are going to use string operations, we're gonna increment index registers.
01:11
We also have set direction flag. And if we call with, we use that
01:15
a pneumonic or instruction, it's going to set the direction flag. And then we will deck Ament index register. So typically will use CLD for that.
01:23
And then when we're looking at these, we have two different registers. So we have yes, I the source register and Edie I the destination register and we'll see those come into play.
01:34
So, for example, we've got the load instructions. Each of these has a different prefix. We got bite word and D word. And so load string bite is a l is gonna equal yet the value at Yes, I And then we'll increments. Yes, I if the direction flag is set to increment
01:53
and we increment that by one with a word we implemented by two. And with a d word wing commended by four. So this is the load a bite and it's gonna automatically use a l and use Yes, I or a X and s I or e accent? Yes, I
02:07
and then store string bite So, Edie, I is gonna equal a l.
02:14
So it will just automatically copy that into the location at pointed to by E D I. And then in cumin you d I buy one
02:21
or two or four, right? And we're a copy a X, so we'll copy two bites or copy E X, which is four bites.
02:28
So store string, bite store, string words store string D word.
02:34
We also have the move or copy, right, Because it's not actually removing the data from one location, So it's really a copy. But we used a movie
02:42
so we got move string bite. So e d I is equal to Yes, I see the value a t s eyes copied into E. T. I. And here we're copying one bite because it's string bite.
02:53
We also have string words. So beady eyes again equal to Yes, I we're gonna copy a word
02:58
and then we'll increments each of these by two. Here we increment by one Harry increment by two. And here we increment by four.
03:06
And so move string d word.
03:09
We can also scan through a string
03:12
so we can compare a l and the value at Edie I as a bite. And then we'll set the flags so we can set the flags to see if we find that and will basically just keep going through the string
03:24
if we want.
03:25
We can also scan forward and we're gonna use a X. So here we have a l, A, x and E X for bite word in D word.
03:35
And each time is going to use E d I or our destination register.
03:39
We also have compare string bite, so compare Yes, I and E D I. So compare those two and then set flags. And here we're doing a bite.
03:49
We do a comparison inward. We do a word on there's a type of compare string d word and will use the D word and we'll set the flags,
03:59
and we also have the repeat commands. So, for repeat, we will terminate when e. C X is zero. If we just say, repeat.
04:06
Otherwise we have repeat equal or zero, and so
04:11
we can terminate when either e c X zero or the zero flag is zero or we got not equal. And so then we go until the zero flag is one or terminate when E C X is zero.
04:25
So let's look at an example of an assembly string length.
04:29
So here we can take all of those commands that we have been talking about and we can put them together.
04:34
So we can, um here, we're going to use can f in order to read a string so we don't know what the string is going to look like.
04:43
So we use can f we define a format for that and then we push, um,
04:49
are we get our, ah, location that we want to scan it into, we push yaks and then push the format and then we'll call scan up. And so now they will have a string in it, and we don't have to worry about that. But here we want to find the string length.
05:02
So, for example,
05:03
what we do is we start off when we use e g I as our base register. So we're gonna use a scan function
05:12
so we go ahead and copy a or the address of a into ET I so that I can be used,
05:16
and then we're gonna set e c X to negative one, and this is going to tell it how long to run. So we wanted to run until we find a no,
05:25
we're gonna clear the direction flag. And then the bite that we're looking for is zero. So we're gonna move a l zero
05:31
and then we repeat going through the string, right? Each time he d I is going to keep getting incriminated until we find that no bite.
05:40
And then once we have found it. So this will terminate when we have found that or we go through four billion,
05:46
um,
05:48
four billion different addresses to look for it, which is highly unlikely.
05:53
So at this point now, Edie, I is going to point to the no bite in the string.
05:58
And so we can copy that address into yea X and then subtract the original address and that will give us the length. And that adds in the knoll. And so we want to decker mint. You see x by one
06:10
to subtract out the no.
06:12
And so this is a very simple way in order to figure out how long a string is. Now it is more instructions than calling
06:19
the standard library, but it allows you to understand how we can search through a script string and then find where that no bite is in order to figure out the length of the string.
06:30
So today we talked about some different string operations and some different string instructions that are included in assembly.
06:40
In the future, we're gonna have an example that's using strings, and we'll go through. And
06:45
I believe we're gonna upper case a bunch of letters. And so we go through that example in a future lecture.
06:51
And then here's our quiz. What registers are used as a source and destination for string operations?
06:59
Yes, I as a source. And Edie eyes the destination.
07:02
If you have questions, you can email me, Miller, MJ at you and Katie to you, and you can find me on Twitter at Milhouse 30.

Up Next

Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

Instructed By

Instructor Profile Image
Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor