
Thread: C++ programming for reversing

  1. #16
    in the past everything was assembly

    a high language should make the view easier and understanding

    personally i still think a drawing to a video frame buffer is a lot more in understanding than creating a dialog with an editor and then call the dlgbox function so it shows up

    what's the tech? what's the understanding for that?

    html even being less than this just tell the position where your bitmap goes at

    a problem with assembly is that the code is bigger to write, more time consuming, harder to overview
    the other idea being that you tell your language what to do i want 10 vars, i want my class, i want my object, i want my functions i call
    the problem with the this idea is that you can do all of those things with assembly too
    when it comes to an engine things are even a bit more simplified but also that you could call with an assembly code
    i doubt html or python would understand tho
    but basically that's not the question you actually can write those things in assembly too
    a script at some point is a good idea so the basic process you would need to write in in assembly is simplified and faster to write and the cpu doesn't care that much in executing 10 kb's or 200 kb's

    what a high language do is that it just create an assembly code at the end neither what it be the cpu does not understand anything else

    is there a statement why ms is doing that?
    when it comes to create a "buy windows 8 or win10 question" they creating money for themselves
    but i doubt that is limited to ms, as intel and others are following
    now you have to buy something else?
    your hardware device does not have a win10 driver support?
    so they playing balls to each others to be hard it creates a process they benefit by making this
    "playing together" with companies like that would be called favouritism
    so benefits would be made by this either for themselves or to some1
    free market economy? offer - demand question might be in question
    having dos and windows ce support, not winnt but windows 8.0 + would show into this direction if that would be called that way

    what leads me back to a older question
    when the dvd was about to come out there was a similar question
    the first idea was that the laser only can read dvd's
    but that didn't work well so when the choice was made that both can be read cd and dvd then people did buy it over
    then it was a simple replacement
    but now you have new questions your browser shows up and says "your cd device is no longer supported"
    or the new cd-x format can no longer be read please upgrade
    something like that?

  2. #17
    Kayaker (Teach, Not Flame)
    Join Date: Oct 2000 | Posts: 4,128 | Blog Entries: 5
    I've actually become quite a fan of Python, especially for file based manipulations. I like the idea of not having to compile a full C program just to do something. I don't think I've used the Ctypes MS module before though, but that could be really handy too. I have created a standalone exe from python, that's useful on other computers without python installed. I got into it as a way of writing plugins for another program I use, and a way of enjoying programming again after reversing stopped.

    When things turned x64 and manipulating the kernel became more difficult I started to lose interest in reversing, and simply missed the fun of programming. I learned C when it got too cumbersome to program kernel drivers in Asm32. You could do that with Four-F's KMD kit, but it was a lot of assembly to write, and you certainly couldn't copy/paste example code snippets from the web. Now Win9x vxd's were a real bugger to write.

    Visual Basic and Delphi still exist? Why?

  3. #18
    Quote Originally Posted by Kayaker View Post
    I've actually become quite a fan of Python...
    I must admit to knowing very little about Python other than what Blabbs revealed about it. I do recall mucho frustration a few years back trying to implement it in a disassembler promoted by someone (Pedram Amini) at a Las Vegas software convention. Don't know if you recall...it went by the name Py...something, was it Paimei? I could never get it to work as he claimed it should, after a significant amount of time getting Python working on Windows.

    Pedram seems to still have it featured at Github although I don't like the look of the MacOS name in there near the top of the files list.

    https://github.com/OpenRCE/paimei

    Quote Originally Posted by Kayaker View Post
    When things turned x64 and manipulating the kernel became more difficult I started to lose interest in reversing, and simply missed the fun of programming. I learned C when it got too cumbersome to program kernel drivers in Asm32. You could do that with Four-F's KMD kit, but it was a lot of assembly to write, and you certainly couldn't copy/paste example code snippets from the web. Now Win9x vxd's were a real bugger to write. Visual Basic and Delphi still exist? Why?
    There was a lot of reversing activity and reversing icons 20 years ago, but most seem to have lost interest. I don't think something like x64 would slow you down if your mind was set on it, but I fully understand your point. I have drifted in and out of reversing simply because I had other things that needed to be done.

    These days, I encounter failing health if I carry on the way I did 20 years ago, sitting all day and much of the night in front of a computer. I look back on those days with fondness but I can no longer get away with it. My body rebels, not to mention my eyes, which have taken to seeing double after hours in front of a computer screen. It's uncanny seeing two Moons side by side when I look into the night sky. Let's face it, the human body is designed to move and I feel strongly, that by a certain age, sitting too much leads down a slippery slope to you know where. I don't know how you managed to get so deeply into reversing and programming yet still find time to kayak in the wilderness.

    Time management, for me, as well as getting sufficient exercise, is now the issue.

    I have never looked at Visual Basic. When I did Basic, it was last century, while the language was fairly primitive. I do recall Delphi, however, and trying to make sense of its structure. Do you recall the decompiler, Dede, put out by Dafixer? I recall a time when Borland was right up there with Visual C but Borland seems to have disappeared. I still see references to TASM, although I bought a copy of MASM many years ago.

  4. #19
    Quote Originally Posted by Elenil View Post
    ...a problem with assembly is that the code is bigger to write, more time consuming, harder to overview the other idea being that you tell your language what to do i want 10 vars, i want my class, i want my object, i want my functions i call
    That's why I started this thread, to see how deeply I needed to get into C++. I've had the Class concept in my mind because no one I read, till Stroustrup, could explain a Class. He summed it up in one sentence...a Class is a user-defined type. Further reading in Stroustrup's text reveals that it's not really necessary to get into classes and objects if your program is simple enough that an inline, procedural program will do the trick.

    In the very simple example I offered which converts degrees C to degrees F, there is no need to declare C and F as classes or objects. I was wondering if that could be applied to more complex problems and kayaker confirmed he has done that without resorting to classes and objects. He claimed that he has stuck to C code while using a C++ compiler. Stroustrup claims that is perfectly fine as long as you are aware of the difference between C and C++.

    I can see the problems with programming large apps in assembly without even having written a significant Assembly program. Having said that, I have an Assembly book somewhere that teaches how to write Windows apps in Assembly. As kayaker confirmed, it's a matter of going through all the work of coding complex code in Assembly then re-using the code where you can. I can see using the assembly code for saving a file as a template, same for windows structures, etc. You have mentioned that yourself, like in scripts, etc.

    That reminds me, I have to dig out that book on writing Windows apps in Assembly.

    Quote Originally Posted by Elenil View Post
    what a high language do is that it just create an assembly code at the end neither what it be the cpu does not understand anything else
    A CPU does not even understand assembly. A CPU cannot work with a MOV statement, it cannot even work with the hex equivalent of the MOV command. All it can understand is different combinations of 1s and 0s and that is not correct in that it doesn't understand a 1 or a 0. All it understands is +5 volts (in older logic) and 0 volts.

    I used to get annoyed when tracing bloat-ware, high level language code, to see the unnecessary repetitive movement of data. MFC was like that but even normal Windows code often repeats a movement of data over and over, for some unknown reason. Don't get me talking about parsing a string.

    Quote Originally Posted by Elenil View Post
    your hardware device does not have a win10 driver support?
    Must have, it works in W10. I should have said the minimal requirement is W7. The hardware disk does not supply an XP driver, I came across one on a Czech site. Seems to work OK.

    Quote Originally Posted by Elenil View Post
    but now you have new questions your browser shows up and says "your cd device is no longer supported" ....or the new cd-x format can no longer be read please upgrade something like that?
    We're talking about backward compatibility. It's not always easy, so I can understand XP or W7 not being backward compatible with Win 3, which was a 16 bit system. Having said that, there are people on the Net who have made XP backward compatible with W98, which was a pretty decent OS in its day.

    I see no excuse whatsoever, why M$oft abandoned XP and W7 in favour of W8 and W10. Their excuse is that XP is no longer secure, which is BS. Users are responsible for their security, not M$oft. Having said that, they are still offering XP updates to certain corporate 'friends', and believe it or not, some companies are still running XP/2003 servers. They will be out of luck, however, if they decide to upgrade their hardware to a 300-series chipset or higher.

    That should be classified as a crime since M$oft, and now Intel, have deliberately withheld drivers for XP on newer mobos. It was behavior like that by software companies that got me interested in reversing. I paid out major dollars for state of the art music software circa 2000, only to have the company discontinue support for it a few years later.

    They had provided the software on an old 8" floppy with a hole punched through the disk so it could not be copied. Reversing that system became my goal even though I had no idea what reversing meant. And that wasn't the first time I encountered those kinds of shysters.

  5. #20
    you going too far if you have an exhaustion
    to work you need a system, to train you need a system
    at some point too much training just makes you ill
    you need the right restpoints

    yes the cpu only understands 0 and 1's
    but there being electronic logical units
    then that leads up to a transistor
    out of that transistors it creates the units
    i learned some units 20 years ago
    to call 1 of many
    i try it with a half-adder (for 2 bits)
    https://en.wikipedia.org/wiki/Adder_(electronics)#/media/File:Half_adder_using_NAND_gates_only.jpg
    but that being 1 of many and is combined to a ALU unit

    we should know this from our assembly knowledge what is present here most likely

    softice shows that process very near as a debugger do

    maybe going back they hold back with the real values of the transistors
    what you usually find is this:
    https://legitreviews.com/wp-content/uploads/2014/08/fin-improvements.png
    you might be told that a classical transistor is working with 0.7 volts nothing that much more
    https://www.amplifier.cd/Test_Equipment/Tektronix/Tektronix_other/576_applications/30_2219.jpg
    but that doesn't example the physics behind smaller transistors
    cmos being called ? that doesn't tell any values maybe the end-size of total 22 nm
    but that being said the diffusion layer already being canceled
    neither if the transistor works based if dielectric transistor model
    but then where are the values for this field
    i doubt 0.7 volts work for 22 nm and no values are shown at this part
    or thick the materials have to be to create the diffusion layer or the field or the atoms being polarized (like it do on coil)
    i never found that parts if some1 knows i would have interests

    but before i write a basic book about some old school examples i rather stop here with basic examples

    i already see a small problem with the class question
    you can actually solve your code without a class like always
    a class makes sense to put something you want to control like a font
    then you put your control functions and variables there and you have your "font class"

    structs being widely used tho
    it's not that big of a difference to write some struct's and a multiple function model
    for having a better view you may make an extra file (font.c) and begin your function name with font_ or something you or some1 can recognize
    that you don't have to either, that being rather a style and overview question

    another important question if you read someones code then you have to understand what is going on
    then the understanding for a class is required

    the engine question yes then you also end up in understanding a class because the engine wants the "class style"

    yep that's what mfc does, but that "new" .net do exactly this too it calls that api_set dll's
    vb that vb dll's

    i used basic on ms-dos i think tbasic was the name and my favorite command was "goto"

    to answer the emc2 i could not find some old sources i need for the next opening (for example the presentation of the 484dx)

  6. #21
    Quote Originally Posted by Elenil View Post
    ...you might be told that a classical transistor is working with 0.7 volts nothing that much more...
    That goes back to the old BJT (bipolar junction transistor) which has roughly a 0.7 activation voltage between its base and emitter. Same with a silicon diode, it won't turn on till the voltage from cathode to anode is 0.7 volts. The transistor won't turn on till that voltage level is reached by current running through the base-collector junction, but that is not what controls the data signal through the transistor.

    The 0.7 volts (for a silicon transistor) is called the bias voltage and it is set as a steady-state condition by resistors between the +ve rail (DC +ve supply) and ground. Simply connecting the proper resistor between the transistor base and the +ve rail will allow current to run from emitter to base, biasing the transistor (silicon only) at about 0.7 volts. The voltage varies slightly (1/100ths of a volt) from transistor to transistor.

    A computer bus runs at +5 volts in older systems and about 3 volts in newer systems. The CPU voltages go as low as 1.8 volts. The BJT is no longer used for logic, being replaced by FETs (field effect transistors) known better in pairs as CMOS. The MOS part refers to MOSFET, a certain type of FET, and the C means complementary, a reference to the fact that two transistors in a CMOS unit complement each other.

    The 0.7 volt bias does not apply to CMOS devices since no current runs between their equivalent base-emitter, known as a gate-source. CMOS devices have the operating current running between the source and the drain controlled by a voltage from gate to source, whereas in the BJT, operating current runs between the emitter and the collector, controlled by a current from emitter to base. So, BJTs are current operated devices while CMOS (FETS) are voltage operated devices.

    Whereas that transistor action provides the basic operation of logic circuits, it is not the basis of a collection of transistor logic units. It's how the transistors are connected that supplies the logic. With a BJT, you would never expose the base-emitter at 0.7 volts to the bus voltages at 3 to 5 volts without incorporating current limiting resistors. In fact, the bus voltages representing 1s and 0s are 'clocked' into the processor using tri-state devices. They are like gates that open very briefly to sample what is on one bus line, then they close. Tri-state devices are transistors as well.

    One major difference between digital logic circuits and analog circuits is that the digital +5 volt signal can be used to turn the transistor on directly. Therefore a 0.7 bias is not required. The bias is required in analog circuits operating in linear mode. If you feed a sinusoidal signal into the base-emitter of a BJT transistor, without first setting a bias level, the signal would be cut-off on one end, producing distortion.

    When +5 volts is sampled at a tri-state gate as it briefly opens, it is likely applied to what is known as an open-collector or open-drain arrangement. That means, with a BJT, that the collector of the transistor is left unconnected when the tri-state gate is closed. When it opens, giving a brief pulse of +5 volts, the collector/drain of a transistor inside the processor is activated momentarily and that is enough time to trigger other transistors inside the processor chip which are interconnected.

    Most of the transistors will be under the control of an internal clock, a device that sends a constant array of square wave pulses at a high frequency to turn devices on and off. That is how CPU logic is synchronized. There are many logic devices inside the CPU like 'and' gates, 'or' gates, 'xor' gates, etc, as well as counters, multiplexors, demultiplexors, adders, multipliers, etc. Each one is a special array of transistors that operate in either an on or off state.

    So, the 0.7 volts that biases the BJT is not part of the +3 or +5 volts on the data bus. It's a local voltage derived via resistors from the +ve power supply rail and its application is more for analog devices. With a logic device, a +5 volts pulse will 'turn on' the transistor if it is applied to the BJT base via a current limiting transistor. The moment a voltage greater than 0.7 volts is applied between a BJT base and emitter, the transistor will turn on and a current will flow from the emitter to the collector, with a 0.7 volt drop across the transistor junction.

    That is the derivation of the 0.7 volts. It's a natural voltage drop caused by a current running through the junction. If you put a DVM ohmmeter across the base-emitter junction of a BJT transistor, with proper polarity, the meter will read roughly 0.7 volts for a silicon BJT, even though it's an ohmmeter. That's because no matter how much current you run through the junction, within bounds, it will always read 0.7 volts, once the BJT turns on.

    If you put two of those transistors in parallel, with their collectors tied together and running through an LED with a current-limiting resistor, you have a logical 'OR' pairing. That is, if you apply +5 volts to either base, or both at once, the LED will light. An 'AND' implementation requires two transistors in series. You must apply +5 volts to both BJT bases to get the LED to light, no other combination will turn on the LED.

    If you arrange the transistors in other arrangements of parallel and series, you can create adders, counters, etc., although the counter requires extra inputs. The EAX register, or AX, or A-register as it was known in 8 bit parlance, is nothing more than transistors in parallel that are either turned on or off to represent 5 volts at their collector or 0 volts. Of course, you can't just implement a register with 8 transistors in parallel, you need circuitry to clear them to a 0 volt state, etc.

    Last time I checked, there were over 50 million transistors in a CPU. Mind-boggling.

    Quote Originally Posted by Elenil View Post
    i doubt 0.7 volts work for 22 nm and no values are shown at this part
    or thick the materials have to be to create the diffusion layer or the field or the atoms being polarized (like it do on coil)...i never found that parts if some1 knows i would have interests
    The 0.7 volts does not apply to modern processors. They don't use BJT transistors, they use MOSFET technology. All a MOSFET needs to turn on is a small voltage applied to the gate region and that can be implemented on doped silicon with a thin spray of metal on a thin insulator (silicon dioxide) attached to the conducting channel. In other words, MOSFET technology can be implemented in a much smaller space and is more conducive to the tiny 22 nm layers you mention. Remember that 22 nm is an incredibly huge space to a tiny electron, or even the silicon atoms.

    Imagine the MOSFET as a conductive channel of silicon with impurities that create more electrons than the silicon has naturally or less. The N-type silicon has more electrons and the P-type has less electrons than normal. If you have an N-type, connected with the -ve battery terminal to the source end and a +ve battery to the drain end, with a current-limited resistor in series, a current will flow from the source to the drain. That's no good in itself, since a method is needed to control the current.

    A gate is a small metal electrode attached to the silicon via an insulator (SiO2). The other side of the channel is connected to ground via a substrate. By varying the voltage on the gate the current through the silicon channel is varied. In other words, the width of the channel available to carry charge carriers is varied.

    Don't let anyone sway you with jargon about holes and electrons. The charge carrier in any circuit, whether copper or semiconductor is always the electron. The hole is a 'concept' (and a misinterpreted idea) introduced by Shockley to help visualize the difference between an N-type silicon and a P-type. Some people find it easier to follow the holes left behind when an electron leaves the valence shell of a silicon atom, that allegedly move in the opposite direction, allegedly leaving a hole. Those holes do not exist and Shockley made that clear. He claimed to have introduced the notion only as an aid to visualization.

    I have worked in the field of electronics most of my life and I have never had to use the concept of holes. In a circuit, a diode or a transistor, even a FET, has arrows to indicate a 'conventional' current flow from positive to negative. That convention was established circa 1925, and although proved wrong since, still hangs around as a paradigm. Ironically, the nonsense is still taught in electrical engineering classes.

    In a circuit diagram, I simply visualize current flowing 'against' the arrow (into the point of the arrow and out the back). That's how electrons flow in the circuit. When you buy most diodes, they are marked with a band around one end, representing the cathode, or negative end. The manufacturers know electron current flows into the cathode and out the anode, it's the universities who are stuck in the dark ages.

    Quote Originally Posted by Elenil View Post
    i already see a small problem with the class question
    you can actually solve your code without a class like always
    a class makes sense to put something you want to control like a font
    then you put your control functions and variables there and you have your "font class"

    structs being widely used tho
    Maybe Blabbs could offer some of his programming expertise. Speaking entirely from ignorance, it would make more sense using a font class if you were going to reference hundreds of fonts, or if you were going to use the font class along with other classes in a modular program or OOP program.

    Speaking again from ignorance, it seems to me the structure (struct) is a built-in type in the standard library whereas the class is a user-defined type. In a structure, it seems you are limited to the use of types like int, char, and float whereas in a class you can define the types you use.

    K&R define the structure as a collection of one or more variables, possibly of different types, grouped together under a single name. Already, I'm wrong. Structures are often called records in some languages, like Pascal.

    Stroustrup defines a structure as follows: An array is an aggregate of elements of the same type. A 'struct' is an aggregate of elements of (nearly) arbitrary types. He also adds: A 'struct' is a simple form of a class.

    So, I'm wrong about the struct being a built-in type even though it is part of the standard library. It's a collection of built-in types.

    He defines a class as follows: "The aim of the C++ class concept is to provide the programmer with a tool for creating new types that can be used as conveniently as the builtin types. In addition, derived classes (Chapter 12) and templates (Chapter 13) provide ways of organizing related classes that allow the programmer to take advantage of their relationships.

    A type is a concrete representation of a concept. For example, the C++ builtin type float with its operations +, -, *, etc., provides a concrete approximation of the mathematical concept of a real number. A class is a user-defined type. We design a new type to provide a definition of a concept that has no direct counterpart among the builtin types".

    It seems to me, then, that if you can get by using C-type arrays, structures, etc., you don't need to get into classes, which are the basis of modular and OOP programming. Having said that, I'd like to understand how to use classes, time permitting.


    Quote Originally Posted by Elenil View Post
    another important question if you read someones code then you have to understand what is going on then the understanding for a class is required ....i used basic on ms-dos i think tbasic was the name and my favorite command was "goto"
    Depends who is reading the code. I am used to linear programming with subroutines. I remember the 'go to' instruction in Basic and the 'do' loops in Fortran. I also remember the 'dim' declaration in Basic for creating an array in memory. Before we wrote our mini Basic apps on screen we had to create a DIM[] array.

  7. #22
    Kayaker (Teach, Not Flame)
    Join Date: Oct 2000 | Posts: 4,128 | Blog Entries: 5
    Quote Originally Posted by WaxfordSqueers View Post
    It seems to me, then, that if you can get by using C-type arrays, structures, etc., you don't need to get into classes, which are the basis of modular and OOP programming.
    That's what it seems to me. I can see writing with classes in complex programs, if nothing else it could make the code more readable, or for professional reasons.
    But in terms of programming I think you can write with similar structure in basic C, without having to follow C++ syntax.

    Memory allocations are handled differently when using classes, arguably in a better way. Malloc vs new/delete. That might be the best reason to use it, but if there's overhead and complexity added to your compiled program, that might be the best reason not to use it if you care.

    My understanding of Classes is limited to about the following. So you get Data Members and Member Functions(), the latter can be declared inside or outside the class, deal with the syntax.

    Code:
    // Source: https://www.geeksforgeeks.org/c-classes-and-objects/

    // C++ program to demonstrate
    // accessing of data members

    #include <iostream>   // cout (standard header; <bits/stdc++.h> is GCC-only)
    #include <string>     // string
    using namespace std; 
    class Geeks 
    { 
        // Access specifier 
        public: 
      
        // Data Members 
        string geekname; 
      
        // Member Functions() 
        void printname() 
        { 
           cout << "Geekname is: " << geekname; 
        } 
    }; 
      
    int main() { 
      
        // Declare an object of class geeks 
        Geeks obj1; 
      
        // accessing data member 
        obj1.geekname = "Abhi"; 
      
        // accessing member function 
        obj1.printname(); 
        return 0; 
    }
    What has this given us?

    So you can use a Class Data Member essentially as a structure and access them with 1 line of code
    I can use user defined structures in C and access them with 1 line of code

    You can write Member Functions() and hide them somewhere in your code and call them with one command
    I can write functions in C and hide them somewhere in my code and call them with one command

    At this point I think it's just a style of writing if you have no other reason to use classes.
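
The comparison in the post above (class members versus C structs and functions, and the `font_` naming idea from post #20) can be checked at the binary level. This is an added example, not code from any poster in the thread; the names `font`, `font_init`, `font_line_height`, `Font` and `VFont` are hypothetical. It shows that a class with only non-virtual member functions has the same object layout as the equivalent C struct, and that adding virtual functions changes the layout, which is the part that matters when reading a disassembly.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <type_traits>

// C style: a plain struct plus free functions sharing a font_ prefix.
// All names in this file are hypothetical and exist only for illustration.
struct font {
    int  size;
    int  weight;
    char face[32];
};

void font_init(font *f, const char *name, int size, int weight) {
    std::strncpy(f->face, name, sizeof f->face - 1);
    f->face[sizeof f->face - 1] = '\0';   // strncpy does not always terminate
    f->size = size;
    f->weight = weight;
}

int font_line_height(const font *f) { return f->size + f->size / 5; }

// C++ style: the same data with the functions moved inside the type.
// A non-virtual member function is an ordinary function that receives the
// object address as a hidden first argument (the this pointer).
class Font {
public:
    int  size;
    int  weight;
    char face[32];

    void init(const char *name, int sz, int wt) {
        std::strncpy(face, name, sizeof face - 1);
        face[sizeof face - 1] = '\0';
        size = sz;
        weight = wt;
    }
    int line_height() const { return size + size / 5; }
};

// Same data again, but with virtual functions. On the common ABIs (Itanium
// C++ ABI, MSVC) the object now also carries a hidden vtable pointer.
class VFont {
public:
    int  size;
    int  weight;
    char face[32];
    virtual int line_height() const { return size + size / 5; }
    virtual ~VFont() {}
};

// True when Font is laid out in memory exactly like the C struct.
bool same_layout() {
    return std::is_standard_layout<Font>::value
        && sizeof(Font) == sizeof(font)
        && offsetof(Font, size)   == offsetof(font, size)
        && offsetof(Font, weight) == offsetof(font, weight)
        && offsetof(Font, face)   == offsetof(font, face);
}

// Copy the raw bytes of a Font object into a C struct and run the C function
// on it: the result matches obj.line_height() because the bytes mean the same.
int height_via_c(const Font &obj) {
    static_assert(sizeof(font) == sizeof(Font), "layouts differ");
    font raw;
    std::memcpy(&raw, &obj, sizeof raw);
    return font_line_height(&raw);
}

// Extra bytes per object caused by the virtual functions.
std::size_t vptr_overhead() { return sizeof(VFont) - sizeof(Font); }

int main() {
    Font f;
    f.init("Courier", 10, 400);
    std::cout << "same layout as C struct: " << same_layout() << "\n"
              << "member call:  " << f.line_height() << "\n"
              << "C function:   " << height_via_c(f) << "\n"
              << "sizeof(font)=" << sizeof(font)
              << " sizeof(Font)=" << sizeof(Font)
              << " sizeof(VFont)=" << sizeof(VFont) << "\n";
    return 0;
}
```
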

  8. #23
    Super Moderator
    Join Date: Dec 2004 | Posts: 1,513 | Blog Entries: 15
    for anything that is one off (reversing is one off operation) use c and forget c++

    c++ requires an understanding and is not as explicit as c
    someone familiar with assembly or low level coding has certain pre-configured notions
    and that isn't easily convertible to c++
    c++ is good if code needs to be reusable
    c++ is not good if the first thing you do will be finding a way to insert __asm int(3);

    see below every call in main is Print()
    but results are different including erroneous results
    and is based on the passed parameters

    Code:
    #include <iostream>
    class DoCrap 
    {
        public:
        void Print(int x) { std::cout << x << "\n"; }
        void Print(double x) { std::cout << x << "\n"; }
        void Print(int x,double y) { std::cout << x << "\t" << y << "\n"; }
        void Print(const char * instr) { std::cout << instr << "\n";} // const: string literals are const in C++
    };
    int main(void)
    {
        DoCrap foo;
        foo.Print(3); // will use Print(int x)
        foo.Print(3.25); //will use Print(double x)
        foo.Print(4,3.65); //will use Print (int x, double y)
        foo.Print(3.65,6);// will use Print (int x, double y) and truncate 3.65 to 3
        foo.Print(3.65,6.85);// will use Print (int x, double y) and truncate 3.65 to 3 but print 6.85 correctly
        foo.Print("hello"); // will use Print (const char *instr)
    }
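
The silent truncation in the post above comes from overload resolution falling back to implicit conversions. This is an added example, not the poster's code; the types `Loose` and `Strict` and the helper `can_print` are hypothetical. `Loose` repeats the post's overload set but returns which overload ran, and `Strict` adds a deleted catch-all template so that any call needing a conversion is rejected at compile time.

```cpp
#include <iostream>
#include <string>
#include <type_traits>
#include <utility>

// Same overload set as the post; each overload reports its signature and the
// int value it actually received. (Hypothetical names, for illustration.)
struct Loose {
    std::string Print(int x)         { return "int:" + std::to_string(x); }
    std::string Print(double)        { return "double"; }
    std::string Print(int x, double) { return "int,double:" + std::to_string(x); }
    std::string Print(const char *)  { return "const char*"; }
};

// Hardened variant: the deleted template is an exact match for every argument
// list that is not spelled out above it, so it beats any overload that would
// need a conversion, and selecting a deleted function is a compile error.
// For exact matches the non-template overload still wins the tie.
struct Strict {
    std::string Print(int x)         { return "int:" + std::to_string(x); }
    std::string Print(double)        { return "double"; }
    std::string Print(int x, double) { return "int,double:" + std::to_string(x); }
    std::string Print(const char *)  { return "const char*"; }
    template <typename... T> void Print(T...) = delete;
};

// Compile-time probe: value is true when C has a usable Print(A...).
template <typename C, typename... A>
struct can_print {
    template <typename U>
    static auto test(int)
        -> decltype(std::declval<U &>().Print(std::declval<A>()...),
                    std::true_type());
    template <typename>
    static std::false_type test(...);
    static constexpr bool value = decltype(test<C>(0))::value;
};

// foo.Print(3.65, 6) from the post: lands in Print(int, double), x becomes 3.
std::string loose_swapped() {
    Loose l;
    double a = 3.65;
    int b = 6;
    return l.Print(a, b);
}

// foo.Print(3.65, 6.85) from the post: same overload, same truncation.
std::string loose_two_doubles() {
    Loose l;
    double a = 3.65, b = 6.85;
    return l.Print(a, b);
}

// The loose class accepts the converting calls without complaint.
bool loose_accepts_converting() {
    return can_print<Loose, double, int>::value
        && can_print<Loose, double, double>::value;
}

// The strict class still accepts every exactly-typed call from the post...
bool strict_accepts_exact() {
    return can_print<Strict, int>::value
        && can_print<Strict, double>::value
        && can_print<Strict, int, double>::value
        && can_print<Strict, const char *>::value;
}

// ...and refuses the two calls that truncated 3.65 to 3.
bool strict_rejects_converting() {
    return !can_print<Strict, double, int>::value
        && !can_print<Strict, double, double>::value;
}

int main() {
    Strict s;
    std::cout << "Loose  (3.65, 6)    -> " << loose_swapped() << "\n"
              << "Loose  (3.65, 6.85) -> " << loose_two_doubles() << "\n"
              << "Strict (4, 3.65)    -> " << s.Print(4, 3.65) << "\n"
              << "Strict rejects converting calls: "
              << strict_rejects_converting() << "\n";
    return 0;
}
```
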

  9. #24
    Super Moderator
    Join Date: Dec 2004 | Posts: 1,513 | Blog Entries: 15
    a small class hack that reuses code with large output not sure how small this can done in c or assembly
    and how easily copy pasteable code that would have

    Code:
    #include <iostream>
    #include <string>
    using namespace std;
    class Animal {
    public :
        string Name ;
        string Legs(){
            string temp = Name;
            temp.append(" has 4 legs");
            return temp;
        }
    };
    class Dog : public Animal {
        public:
        string Sound() {
            string temp =Name;
            temp.append( " barks");
            return temp;
        }
        string Tail (string tt) {
        string temp = Name;
        temp.append(" has a ");
        temp.append(tt);
        temp.append(" tail");
        return temp;
        }
    };
    class Cat : public Animal {
        public:
        string Sound() {
            string temp =Name;
            temp.append( " purrs");
            return temp;
        }
        string Tail (string tt) {
        string temp = Name;
        temp.append(" has a ");
        temp.append(tt);
        temp.append(" tail");
        return temp;
        }
    };
    class DogType : public Dog  {
        public:
        string Breed(string bn){
        string temp=Name;
        temp.append(" is ");
        temp.append(bn);
        return temp;
        }
    };
    class CatType : public Cat  {
        public:
        string Breed(string bn){
        string temp=Name;
        temp.append(" is  ");
        temp.append(bn);
        return temp;
        }
    };
    int main (void) {
        DogType Doggies[10];
        CatType Kitties[10];
        string DogName[] = {"slinky","clunky","blinky","moonky","dunkey","hookey","pookey","shooky","cheeky","peskey"};
        string CatName[] = {"chinky","pinkey","roosey","reeady","greedy","angray","noosey","laazey","funkey","dorkey"};
        string TailType[] = {"short","longy","bushy","shaby","dusty","curly","goofy","swety","shiny","smely"};
        string Dogbreed[] = {"Pomeranian","labrador","alsatian","spaniel","pug","poodle","bulldog","chihuahua","poodle","dachsund"};
        string CatBreed[] = {"persian","bengal","siamese","russianblue","ragdoll","munchkin","siberian","manx","sekirk","mau"};
        for(int i=0;i<10;i++) {
            Doggies[i].Name = DogName[i];
            Kitties[i].Name = CatName[i];
            cout << Doggies[i].Legs() << "\t" << Doggies[i].Sound() << "\t" <<
            Doggies[i].Tail(TailType[i]) << "\t\t" << Doggies[i].Breed(Dogbreed[i]) << endl;
            cout << Kitties[i].Legs() << "\t" << Kitties[i].Sound() << "\t" <<
            Kitties[i].Tail(TailType[i]) << "\t\t" << Kitties[i].Breed(CatBreed[i]) << endl;
        }
    }
    compiled with msvc2017 community on commandline with
    Code:
    cl /Zi /W4 /analyze /EHsc /Od  waxanim.cpp /link /release
    result on execution
    Code:
    >waxanim.exe
    slinky has 4 legs       slinky barks    slinky has a short tail         slinky is Pomeranian
    chinky has 4 legs       chinky purrs    chinky has a short tail         chinky is  persian
    clunky has 4 legs       clunky barks    clunky has a longy tail         clunky is labrador
    pinkey has 4 legs       pinkey purrs    pinkey has a longy tail         pinkey is  bengal
    blinky has 4 legs       blinky barks    blinky has a bushy tail         blinky is alsatian
    roosey has 4 legs       roosey purrs    roosey has a bushy tail         roosey is  siamese
    moonky has 4 legs       moonky barks    moonky has a shaby tail         moonky is spaniel
    reeady has 4 legs       reeady purrs    reeady has a shaby tail         reeady is  russianblue
    dunkey has 4 legs       dunkey barks    dunkey has a dusty tail         dunkey is pug
    greedy has 4 legs       greedy purrs    greedy has a dusty tail         greedy is  ragdoll
    hookey has 4 legs       hookey barks    hookey has a curly tail         hookey is poodle
    angray has 4 legs       angray purrs    angray has a curly tail         angray is  munchkin
    pookey has 4 legs       pookey barks    pookey has a goofy tail         pookey is bulldog
    noosey has 4 legs       noosey purrs    noosey has a goofy tail         noosey is  siberian
    shooky has 4 legs       shooky barks    shooky has a swety tail         shooky is chihuahua
    laazey has 4 legs       laazey purrs    laazey has a swety tail         laazey is  manx
    cheeky has 4 legs       cheeky barks    cheeky has a shiny tail         cheeky is poodle
    funkey has 4 legs       funkey purrs    funkey has a shiny tail         funkey is  sekirk
    peskey has 4 legs       peskey barks    peskey has a smely tail         peskey is dachsund
    dorkey has 4 legs       dorkey purrs    dorkey has a smely tail         dorkey is  mau
    @k want to try a c or assembly style code just for fun

  10. #25
    you're right wax but you have given no values, you told how the material "should work"
    the germanium transistor being canceled out with its ultra low voltage of 0.3 volts ?
    the other hand you're right about the cuit but what if i have it in diodes/transistors
    then i would have to look at the diffusion layer (and its static charge) of the transistors or maybe diode if i found nothing else
    a silicon atom having 210 pm that makes 5 atoms per nm 12 nm makes 60 atoms (empirical: 111 pm)
    but maybe the nucleus is the wrong thing to discuss
    so i go to the hole discussion, you're right the discussion is widely used (the direction however is not p to n type anymore)
    the question then would be what an n type and p type even is, if that has some kind of different norm
    that would be interesting for me again maybe
    but to my knowledge the diffusion layer solution doesn't work on field based transistors
    doping silicon with either a 3 based or 5 based doping
    that leads now to the final question in this part, what the values really are at this point, i doubt it's 0.7 volts
    maybe intel holds back with the values but it being said that they can't pass 5 nm at the moment, but if size for silicon atoms can be a lot smaller aka let's say 1 nm and the electron being far smaller
    why would that be a problem if we have the values ?


    to the c++ question how about
    you make a sound function with a parameter


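    #include <string>

    enum { dog, cat };
    std::string temp; // global var that collects the text (the "global vars" option named below)

    int Sound(int sound) // second var string to change could also be done or global vars

    {
    if (sound == dog)
    {
    temp.append( " barks"); // some append function
    }
    if (sound == cat)
    {
    temp.append( " purrs"); // again
    }
    return 0;
    }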

    and 2 more functions

    int leg(int howmanylegs_this_animal_got)
    {
    // some string append function goes here // strncat strcpy strncat ect.
    // dont has to be a if , can be a union or id number, string, array ect.
    }

    int tail(int tailtype)
    {
    // dont has to be a if , can be a union or id number, string, array ect.
    }
    CatBreed being directly used not by a class since the strings are already there
    so only
    CatBreed[i]
    maybe a /n and a " " if need

    this also uses far less memory, therefore probably also speed, to make this solution 10 classes being made, imagine it would be done with a new and delete function
    in assembly this would be a string question about writing the code to fit the strings together, an identifier may be needed, partly maybe not since there
    is a lot of static identifiers
    a structure with these functions could be made also but that's not what i would do
    what the compiler will do here is that it identifies the functions for the classes, it probably doesn't use a dynamic identifier, instead it will use an offset



    to define an operator like = + / x in a class isn't a problem
    but to be fast at this point then instead of having the classical + operator to add you could define a subtraction there


    we are at the templates now so we combined different types, not classical, maybe a class maybe a template, maybe a struct type
    the compiler usually knows how to do for this problem, the fpu to give an example can store the value in a 32 bit integer or register
    the cout << command only reads the bits and has to be told what type that is
    that being a very common question, there are many solutions not using templates for that

    int a;
    float b;
    unsigned short c;
    char d;
    a=(int) c;
    a=(int) d;
    a=(int) b;

    now all being integers without using a single template

  11. #26
    Quote Originally Posted by blabberer View Post
    for anything that is one off (reversing is one off operation) use c and forget c++
    Thanks for confirmation (makes sense) and code examples. One question, is it OK to use the C++ compiler, say version 5 to 10, to compile the C code? I do have older C compilers but I am set up with C++ right now.

    I am just starting to get used to the jargon in C++. It bothered me for the longest time, I could not get my mind around objects, containers, classes, etc., for the simple reason I have a hardware background. I think many C++ programmers may be surprised to learn there is an actual hardware processor running their code. With objects, many authors try to pass them off as 'things'. Well, what is a thing? And how do you get it into a processor? Rightly or wrongly, I regard objects as one kind of code/data or the other.

    BTW...do you realize that DNA has codes in it as well, just like ASCII? Bob Bemer invented ASCII, who do you suppose invented the codes in DNA, without which none of us could survive? I am betting it wasn't natural selection that invented the codes in DNA. That's like the old evolution principle that if you gave enough monkeys typewriters, for long enough, they'd eventually fluke out works like Shakespeare.

    Not buying it.

    http://news.bbc.co.uk/2/hi/technology/3838845.stm

    I did a lot of reading today on structures and classes, skimming most of it, and I'm starting to get a feeling for what is going on. However, as you say, much of it is overkill for one-off projects like I have in mind for working on XP or any windows-related project.

  12. #27
    Quote Originally Posted by Elenil View Post
    ...the other hand you're right about the cuit but what if i have it in diodes/transistors
    then i would have to look at the diffusion layer (and its static charge) of the transistors or maybe diode if i found nothing else
    I'll keep this short...it's getting late. You have to understand that the 0.3 volts for germanium and the 0.8 volts for silicon, are properties of the junction where a P-type and an N-type join. When you have a diode, with an n-type joined to a p-type, and you try to run a current from the n-type to the p-type, no current will flow across the junction until the voltage drop across the germanium junction is 0.3V and 0.8V across the silicon junction.

    Once the current starts flowing those voltage drops remain constant no matter what current runs through them without burning them out. It doesn't take much current to burn out an emitter base junction in a BJT transistor. It's not really about diffusion layers as the nm get lower, it's about the current they can carry. As the layers get thinner, the silicon can carry less current.

    More importantly, the thinner layers can dissipate less heat, so heat dissipation becomes as much an issue as anything.

    The voltage on the bus data, which jumps from a 0V level to a 5V level, millions (now billions) of times per second, is not an issue wrt the 0.8V bias. The two never come in contact. The 0.8V in a silicon transistor base-emitter junction is derived from +5V via a resistor that limits its current to a few milliamps. Therefore, 4.2 volts is dropped across the resistor.

    You won't find that 0.8V on modern processor chips because they all use MOSFET technology which has essentially no current running through the equivalent gate-source junction. It's not even a junction, it's more like a capacitor with two plates and an insulator between them. The MOSFET doesn't even have a junction between the source and drain, the equivalent of the BJT emitter-collector junction.

    If you apply a negative voltage to the gate on an n-type MOSFET channel, it repels electrons on the other side of the insulator and effectively depletes the region. If the source and drain are located on either side of the gate region, current has a harder time travelling between the two due to the reduction in electrons. If you increase the negative gate voltage enough, it cuts the channel right off by depleting all the charge carrying electrons in the channel.

    With MOSFETs, they can etch hundreds or thousands (maybe millions) of them onto the same plane inside the processor chip, and mask them from each other. That would be very difficult to do with BJTs.

  13. #28
    blabberer's code in post #24 compiles and runs with MSVC6.

  14. #29
    Quote Originally Posted by tedshred View Post
    blabberer's code in post #24 compiles and runs with MSVC6.
    Thanks.

  15. #30
    Obviously, I did not steal this code from Microsoft, it is available at Github as part of the ntoskrnl project. I included the name Microsoft so as not to be liable for plagiarism. Since Microsoft often refers readers to Github, I presume they have no issue with people reading and discussing the code. Here's the github link:

    https://github.com/Zer0Mem0ry/ntoskrnl

    This code is from the folder \RAW\create.c. There is a header file listed, RawProcs.h, and I have included the code for that further below. I have some questions about both.

    BTW...I can actually read and comprehend this code at a low level. There are things I will research on my own, like the ->, which I think means pointer in some instances. I am not clear on terms like NTSTATUS and I need to read up on pragma again.

    1a) How do we compile the entire project? Elenil tried using cmake and it did not work for him.

    1b) Why is Vcb, the variable for the volume being considered, not declared in create.c? Or is it declared here:

    Code:
    NTSTATUS
    RawCreate (
        IN PVCB Vcb,
        IN PIRP Irp,
        IN PIO_STACK_LOCATION IrpSp
        )
    In that case, what does IN mean...is it IN as in INPUT? If so, do they mean INPUT from a physical device like a hard drive? That's how I normally associate IN.

    2) A bit lower, a function is declared, PAGED_CODE();, and immediately following is the code for KeWaitForSingleObject. That function always stymied me when tracing through kernel code with softice. I never knew how to get out of it successfully. I presume this function is included to pre-empt the thread if the processor is occupied with another process.

    Which brings up a question for Blabbs: can windbg trace into this code in the kernel? I have spoken to someone meantime who claims it cannot, hence the confusion.

    If I understand the function correctly, it waits for an object, like a mutex, to time out before the thread can proceed. I knew that at the time but I could never figure out how to bypass the object with the timer.

    The function is declared as follows but what is 'Status'? Is it an internal type in windows or did the programmer just make it up?

    Code:
    Status = KeWaitForSingleObject( &Vcb->Mutex,
                                       Executive,
                                       KernelMode,
                                       FALSE,
                                       (PLARGE_INTEGER) NULL );
    3) This code is obviously in C, not C++. Can we discuss various parts of the code to see what it's doing? The comments are quite clear, I am trying to understand the implementation with regard to Windows. I get it that they are checking the shared status of a file before opening it.

    For example, the following code seems to be a conditional statement that reads as follows:

    if the pointer to FileObject = NULL,
    OR the pointer to the pointer of Filename.length member =0
    AND the pointer to the pointer of RelatedFileObject = NULL
    AND the pointer to the Parameter.Create.Options member is greater than 24
    = FILE_OPEN
    AND the pointer to the Parameter.Create.Options
    AND FILE_DIRECTORY_FILE = 0...do something.

    If I am correct, what's the difference between NULL and 0?
    What does 24 mean? Where do I look up these values, in a library or include file?

    Code:
     if (((IrpSp->FileObject == NULL) || ((IrpSp->FileObject->FileName.Length == 0) &&
                                              IrpSp->FileObject->RelatedFileObject == NULL)) &&
            ((IrpSp->Parameters.Create.Options >> 24) == FILE_OPEN) &&
            ((IrpSp->Parameters.Create.Options & FILE_DIRECTORY_FILE) == 0)) {

    Code:
    /*++
    
    Copyright (c) Microsoft Corporation. All rights reserved. 
    
    You may only use this code if you agree to the terms of the Windows Research Kernel Source Code License agreement (see License.txt).
    If you do not agree to the terms, do not use the code.
    
    
    Module Name:
    
        Create.c
    
    Abstract:
    
        This module implements the File Create routine for Raw called by the
        dispatch driver.
    
    --*/
    
    #include "RawProcs.h"
    
    #ifdef ALLOC_PRAGMA
    #pragma alloc_text(PAGE, RawCreate)
    #endif
    
    
    NTSTATUS
    RawCreate (
        IN PVCB Vcb,
        IN PIRP Irp,
        IN PIO_STACK_LOCATION IrpSp
        )
    
    /*++
    
    Routine Description:
    
        Open the volume.
    
    Arguments:
    
        Vcb - Supplies the volume being queried.
    
        Irp - Supplies the Irp being processed.
    
        IrpSp - Supplies parameters describing the read
    
    Return Value:
    
        NTSTATUS - the return status for the operation
    
    --*/
    
    {
        NTSTATUS Status;
        BOOLEAN DeleteVolume = FALSE;
    
        PAGED_CODE();
    
        //
        //  This is an open/create request.  The only valid operation that
        //  is supported by the RAW file system is if the caller:
        //
        //    o  Specifies the device itself (file name == ""),
        //    o  specifies that this is an OPEN operation,
        //    o  and does not ask to create a directory.
        //
    
        Status = KeWaitForSingleObject( &Vcb->Mutex,
                                       Executive,
                                       KernelMode,
                                       FALSE,
                                       (PLARGE_INTEGER) NULL );
        ASSERT( NT_SUCCESS( Status ) );
    
        //
        // Don't allow any relative opens as well as opens with a filename. These opens have
        // only been checked for traverse access by the I/O manager.
        //
        if (((IrpSp->FileObject == NULL) || ((IrpSp->FileObject->FileName.Length == 0) &&
                                              IrpSp->FileObject->RelatedFileObject == NULL)) &&
            ((IrpSp->Parameters.Create.Options >> 24) == FILE_OPEN) &&
            ((IrpSp->Parameters.Create.Options & FILE_DIRECTORY_FILE) == 0)) {
    
            //
            //  If the volume is locked or dismounted we cannot open it again.
            //
    
            if ( FlagOn(Vcb->VcbState,  VCB_STATE_FLAG_LOCKED) ) {
    
                Status = STATUS_ACCESS_DENIED;
                Irp->IoStatus.Information = 0;
    
            } if ( FlagOn(Vcb->VcbState,  VCB_STATE_FLAG_DISMOUNTED) ) {
    
                Status = STATUS_VOLUME_DISMOUNTED;
                Irp->IoStatus.Information = 0;
    
            } else {
    
                //
                //  If the volume is already opened by someone then we need to check
                //  the share access
                //
    
                USHORT ShareAccess;
                ACCESS_MASK DesiredAccess;
    
                ShareAccess = IrpSp->Parameters.Create.ShareAccess;
                DesiredAccess = IrpSp->Parameters.Create.SecurityContext->DesiredAccess;
    
                if ((Vcb->OpenCount > 0) &&
                    !NT_SUCCESS(Status = IoCheckShareAccess( DesiredAccess,
                                                             ShareAccess,
                                                             IrpSp->FileObject,
                                                             &Vcb->ShareAccess,
                                                             TRUE ))) {
    
                    Irp->IoStatus.Information = 0;
    
                } else {
    
                    //
                    //  This is a valid create.  Increment the "OpenCount" and
                    //  stuff the Vpb into the file object.
                    //
    
                    if (Vcb->OpenCount == 0) {
    
                        IoSetShareAccess( DesiredAccess,
                                          ShareAccess,
                                          IrpSp->FileObject,
                                          &Vcb->ShareAccess );
                    }
    
                    Vcb->OpenCount += 1;
    
                    IrpSp->FileObject->Vpb = Vcb->Vpb;
    
                    Status = STATUS_SUCCESS;
                    Irp->IoStatus.Information = FILE_OPENED;
    
                    IrpSp->FileObject->Flags |= FO_NO_INTERMEDIATE_BUFFERING;
                }
            }
    
        } else {
    
            //
            //  Fail this I/O request since one of the above conditions was
            //  not met.
            //
            Status = STATUS_INVALID_PARAMETER;
            Irp->IoStatus.Information = 0;
        }
    
        //
        //  If this was not successful and this was the first open on the
        //  volume, we must implicitly dis-mount the volume.
        //
    
        if (!NT_SUCCESS(Status) && (Vcb->OpenCount == 0)) {
    
            DeleteVolume = RawCheckForDismount( Vcb, TRUE );
        }
    
        if (!DeleteVolume) {
            (VOID)KeReleaseMutex( &Vcb->Mutex, FALSE );
        }
    
        RawCompleteRequest( Irp, Status );
    
        return Status;
    }

    Code:
    /*++
    
    Copyright (c) Microsoft Corporation. All rights reserved. 
    
    You may only use this code if you agree to the terms of the Windows Research Kernel Source Code License agreement (see License.txt).
    If you do not agree to the terms, do not use the code.
    
    
    Module Name:
    
        RawProcs.h
    
    Abstract:
    
        This module defines all of the globally used procedures in the Raw
        file system.
    
    --*/
    
    #ifndef _RAWPROCS_
    #define _RAWPROCS_
    
    #pragma warning(disable:4214)   // bit field types other than int
    #pragma warning(disable:4201)   // nameless struct/union
    #pragma warning(disable:4324)   // alignment sensitive to declspec
    #pragma warning(disable:4127)   // condition expression is constant
    #pragma warning(disable:4115)   // named type definition in parentheses
    
    #include <string.h>
    #include <ntos.h>
    #include <zwapi.h>
    #include <FsRtl.h>
    #include <ntdddisk.h>
    
    #include "nodetype.h"
    #include "RawStruc.h"
    
    
    //
    //  This is the main entry point to the Raw File system.
    //
    
    NTSTATUS
    RawDispatch (
        IN PVOLUME_DEVICE_OBJECT VolumeDeviceObject,
        IN PIRP Irp
        );
    
    
    //
    //  MAJOR FUNCTIONS
    //
    //  These routines are called by RawDispatch via the I/O system via the
    //  dispatch table in the Driver Object.  If the status returned is not
    //  STATUS_PENDING, the Irp will be complete with this status.
    //
    
    NTSTATUS
    RawCleanup (                         //  implemented in Cleanup.c
        IN PVCB Vcb,
        IN PIRP Irp,
        IN PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawClose (                           //  implemented in Close.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawCreate (                          //  implemented in Create.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawFileSystemControl (               //  implemented in FsCtrl.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawReadWriteDeviceControl (          //  implemented in ReadWrit.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawQueryInformation (                //  implemented in FileInfo.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawSetInformation (                  //  implemented in FileInfo.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    NTSTATUS
    RawQueryVolumeInformation (          //  implemented in VolInfo.c
        IN PVCB Vcb,
        IN PIRP Irp,
        PIO_STACK_LOCATION IrpSp
        );
    
    
    //
    //  Miscellaneous support routines
    //
    
    //
    //  Completion routine for read, write, and device control to deal with
    //  verify issues.  Implemented in RawDisp.c
    //
    
    NTSTATUS
    RawCompletionRoutine(
        IN PDEVICE_OBJECT DeviceObject,
        IN PIRP Irp,
        IN PVOID Context
        );
    
    //
    //  In-memory structure support routines, implemented in StrucSup.c
    //
    
    NTSTATUS
    RawInitializeVcb (
        IN OUT PVCB Vcb,
        IN PDEVICE_OBJECT TargetDeviceObject,
        IN PVPB Vpb
        );
    
    BOOLEAN
    RawCheckForDismount (
        PVCB Vcb,
        BOOLEAN CalledFromCreate
        );
    
    //
    //  This macro returns TRUE if a flag in a set of flags is on and FALSE
    //  otherwise
    //
    
    #define BooleanFlagOn(Flags,SingleFlag) (                          \
        ((Flags) & (SingleFlag)) != 0 ? TRUE : FALSE) 
        
    //
    //  This macro just returns the particular flag if its set
    //  
    
    #define FlagOn(F,SF) ( \
        (((F) & (SF)))     \
    )
    
        
    //
    //  This macro completes a request
    //
    
    #define RawCompleteRequest(IRP,STATUS) {           \
                                                       \
        (IRP)->IoStatus.Status = (STATUS);             \
                                                       \
        IoCompleteRequest( (IRP), IO_DISK_INCREMENT ); \
    }
    
    #endif // _RAWPROCS_
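
Added example (not part of the original post or of the WRK source) for the condition quoted in post #30: `>> 24` there is a right shift, because `Parameters.Create.Options` carries the create disposition in its high 8 bits and the create-option flags in its low 24 bits. The user-mode C program below rebuilds the same test on mock structures; the `mock_*` types and the helpers `pack_options`, `disposition_of`, `flags_of`, `raw_create_allowed` and `try_open` are assumptions for illustration, while the `FILE_*` values are the ones in the public Windows headers.

```c
/* Added example: user-mode model of the open check in RawCreate.
   The mock types are assumptions; only the bit layout mirrors the kernel. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Create dispositions: stored in the HIGH 8 bits of Create.Options. */
#define FILE_SUPERSEDE          0x00000000u
#define FILE_OPEN               0x00000001u
#define FILE_CREATE             0x00000002u
#define FILE_OPEN_IF            0x00000003u

/* Create-option flags: stored in the LOW 24 bits of Create.Options. */
#define FILE_DIRECTORY_FILE     0x00000001u
#define FILE_NON_DIRECTORY_FILE 0x00000040u

/* Hypothetical stand-ins for FILE_OBJECT and IO_STACK_LOCATION. */
typedef struct mock_file_object {
    uint16_t name_length;              /* FileObject->FileName.Length */
    struct mock_file_object *related;  /* FileObject->RelatedFileObject */
} mock_file_object;

typedef struct {
    mock_file_object *file_object;     /* IrpSp->FileObject */
    uint32_t options;                  /* IrpSp->Parameters.Create.Options */
} mock_stack_location;

/* Combine a disposition and option flags into one 32-bit Options value. */
static uint32_t pack_options(uint32_t disposition, uint32_t create_options)
{
    return (disposition << 24) | (create_options & 0x00FFFFFFu);
}

static uint32_t disposition_of(uint32_t options) { return options >> 24; }
static uint32_t flags_of(uint32_t options) { return options & 0x00FFFFFFu; }

/* Same boolean expression as the RawCreate condition, on the mock types. */
static int raw_create_allowed(const mock_stack_location *sp)
{
    return ((sp->file_object == NULL) ||
            ((sp->file_object->name_length == 0) &&
             (sp->file_object->related == NULL))) &&
           (disposition_of(sp->options) == FILE_OPEN) &&
           ((sp->options & FILE_DIRECTORY_FILE) == 0);
}

/* Build one request and evaluate it; has_related != 0 models a relative open. */
static int try_open(uint16_t name_length, int has_related,
                    uint32_t disposition, uint32_t create_options)
{
    mock_file_object parent = { 0, NULL };
    mock_file_object fo = { name_length, has_related ? &parent : NULL };
    mock_stack_location sp = { &fo, pack_options(disposition, create_options) };
    return raw_create_allowed(&sp);
}

int main(void)
{
    /* Constructed sample: open-existing, caller says "not a directory". */
    uint32_t o = pack_options(FILE_OPEN, FILE_NON_DIRECTORY_FILE);

    printf("Options=0x%08X disposition=%u flags=0x%06X\n",
           (unsigned)o, (unsigned)disposition_of(o), (unsigned)flags_of(o));
    printf("device itself, FILE_OPEN      : %d\n", try_open(0, 0, FILE_OPEN, 0));
    printf("open with a file name         : %d\n", try_open(10, 0, FILE_OPEN, 0));
    printf("relative open                 : %d\n", try_open(0, 1, FILE_OPEN, 0));
    printf("FILE_CREATE disposition       : %d\n", try_open(0, 0, FILE_CREATE, 0));
    printf("FILE_DIRECTORY_FILE requested : %d\n",
           try_open(0, 0, FILE_OPEN, FILE_DIRECTORY_FILE));
    return 0;
}
```

`FILE_OPEN` and `FILE_DIRECTORY_FILE` both have the value 1; they do not collide because the first is compared after the shift and the second is masked against the low bits.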
