arm assembler doesn't know .word directive

[rofl0r]

gcc 4.7.3 compiles this code (with -O1)

typedef void (*func)(void*);
unsigned char foo(void* a, unsigned char b) {
        func f = (func)0x8050c5ac;
        f(a);
        return 1;
}

to

08 40 2D E9  08 30 9F E5  33 FF 2F E1  01 00 A0 E3  08 80 BD E8  AC C5 50 80

00000000 <foo>:
   0:   e92d4008        push    {r3, lr}
   4:   e59f3008        ldr     r3, [pc, #8]    ; 14 <foo+0x14>
   8:   e12fff33        blx     r3
   c:   e3a00001        mov     r0, #1
  10:   e8bd8008        pop     {r3, pc}
  14:   8050c5ac        .word   0x8050c5ac

however the radare2 assembler doesn't know the .word directive, making it impossible to disassemble or reassemble equivalent code.

[radare]

Use .hex directive

On 03 Feb 2016, at 13:36, rofl0r notifications@github.com wrote:

gcc 473 compiles this code (with -O1)

typedef void (func)(void);
unsigned char foo(void* a, unsigned char b) {
func f = (func)0x8050c5ac;
f(a);
return 1;
}
to

08 40 2D E9 08 30 9F E5 33 FF 2F E1 01 00 A0 E3 08 80 BD E8 AC C5 50 80
00000000 :
0: e92d4008 push {r3, lr}
4: e59f3008 ldr r3, [pc, #8] ; 14 <foo+0x14>
8: e12fff33 blx r3
c: e3a00001 mov r0, #1
10: e8bd8008 pop {r3, pc}
14: 8050c5ac word 0x8050c5ac
however the radare2 assembler doesn't know the word directive, making it impossible to disassemble or reassemble equivalent code

—
Reply to this email directly or view it on GitHub.

[radare]

Or .byte

On 03 Feb 2016, at 13:36, rofl0r notifications@github.com wrote:

gcc 473 compiles this code (with -O1)

typedef void (func)(void);
unsigned char foo(void* a, unsigned char b) {
func f = (func)0x8050c5ac;
f(a);
return 1;
}
to

08 40 2D E9 08 30 9F E5 33 FF 2F E1 01 00 A0 E3 08 80 BD E8 AC C5 50 80
00000000 :
0: e92d4008 push {r3, lr}
4: e59f3008 ldr r3, [pc, #8] ; 14 <foo+0x14>
8: e12fff33 blx r3
c: e3a00001 mov r0, #1
10: e8bd8008 pop {r3, pc}
14: 8050c5ac word 0x8050c5ac
however the radare2 assembler doesn't know the word directive, making it impossible to disassemble or reassemble equivalent code

—
Reply to this email directly or view it on GitHub.

[radare]

I disnt added .word because its endian-confusing, but it can be added in 3 lines in libr/asm/asm.c

On 03 Feb 2016, at 13:36, rofl0r notifications@github.com wrote:

gcc 473 compiles this code (with -O1)

typedef void (func)(void);
unsigned char foo(void* a, unsigned char b) {
func f = (func)0x8050c5ac;
f(a);
return 1;
}
to

08 40 2D E9 08 30 9F E5 33 FF 2F E1 01 00 A0 E3 08 80 BD E8 AC C5 50 80
00000000 :
0: e92d4008 push {r3, lr}
4: e59f3008 ldr r3, [pc, #8] ; 14 <foo+0x14>
8: e12fff33 blx r3
c: e3a00001 mov r0, #1
10: e8bd8008 pop {r3, pc}
14: 8050c5ac word 0x8050c5ac
however the radare2 assembler doesn't know the word directive, making it impossible to disassemble or reassemble equivalent code

—
Reply to this email directly or view it on GitHub.

[rofl0r]

yeah, it seems with .hex the endianness is switched
i.e. it outputs 8050c5ac rather than acc55080

[rofl0r]

also while disassembling some real-world arm code i saw a number of "invalid"s, and i suppose those were .word directives used in a similar manner than the .text-hardcoded func address, but those happened not to produce a valid asm statement. imo in such a case rasm2 should emit a .word directive rather than "invalid" so the asm it spits out can be re-assembled.

[radare]

R2 with .hex doesnt swaps endian. Its objdump who confuses everyone :p

On 03 Feb 2016, at 20:11, rofl0r notifications@github.com wrote:

yeah, it seems with .hex the endianness is switched
i.e. it outputs 8050c5ac rather than acc55080

—
Reply to this email directly or view it on GitHub.

[radare]

Theres an eval var for this:

e asm.invhex=true

You can also use Vd to define other types and structures

On 03 Feb 2016, at 20:15, rofl0r notifications@github.com wrote:

also while disassembling some real-world arm code i saw a number of "invalid"s, and i suppose those were .word directives used in a similar manner than the .text-hardcoded func address, but those happened not to produce a valid asm statement. imo in such a case rasm2 should emit a .word directive rather than "invalid" so the asm it spits out can be re-assembled.

—
Reply to this email directly or view it on GitHub.

[rofl0r]

well usually it swaps, i.e. does the right thing, just not with .hex
so that appears a little inconsistent

[radare]

Will be ok with .dword . Hex is just linear write of bytes. Not affected by endian

On 03 Feb 2016, at 22:14, rofl0r notifications@github.com wrote:

well usually it swaps, i.e. does the right thing, just not with .hex
so that appears a little inconsistent

—
Reply to this email directly or view it on GitHub.

[radare]

It swaps if you do 0x because numbers are tied to endianness, but data is not

On 03 Feb 2016, at 22:14, rofl0r notifications@github.com wrote:

well usually it swaps, i.e. does the right thing, just not with .hex
so that appears a little inconsistent

—
Reply to this email directly or view it on GitHub.