Win32 Assembly language programming
(using NASM)
mathiisalive@yahoo.com
Required Tools:
- NASM - Assembler
- Alink - Linker
- Gorc - Resource compiler
- Any text editor.
What Is NASM?
The Netwide Assembler, NASM, is an 80x86 assembler designed for portability and modularity.
It supports a range of object file formats, including Linux and NetBSD/FreeBSD a.out, ELF, COFF,
Microsoft 16-bit OBJ and Win32. It can also output plain binary files. Its syntax is simple and easy to understand, similar to Intel's but less complex.
It supports Pentium, P6, MMX, 3DNow!, SSE and SSE2 opcodes, and has macro capability.
Hello World Program:
Lets start with a hello world example
and compare both C version and NASM version.
This program just displays a message box and on clicking ok, the program exits.
-----------------------------------hello.cc------------------------------
#include <windows.h>
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInst, PSTR szCmdLine, int iCmdShow)
{
char *title="hello";
char *message="hello world";
MessageBoxA(0,message,title,MB_OK);
return 0;
}
---------------------------------------------------------------------------
You can compile , build and execute the above program in visual studio.
And here is the NASM version of the hello world program.
----------------------------hello.asm--------------------------------------
; This line is a comment.
%include "win32n.inc"
extern MessageBoxA
import MessageBoxA user32.dll
extern ExitProcess
import ExitProcess kernel32.dll
segment .data USE32
title db "hello",0
message db "hello world",0
segment .bss USE32
var1 resb 32
segment .code USE32
..start:
push dword MB_OK
push dword title
push dword message
push dword 0
call [MessageBoxA]
push dword 0
call [ExitProcess]
---------------------------------------------------------------------------
Now lets analyze this program line by line..
;This line is a comment.
This is similar to the single line comment in C.
So, in a nasm source code, every line starting with a ';' is a comment.
And in a line, contents after ';' are comments.
%include "win32n.inc"
This is the syntax for including a file in nasm.(Note the '%' instead of '#' used in C).
"win32n.inc" is a single include file which contains all constant definitions and structure definitions
needed for basic windows programming in nasm.
This file can be downloaded at http://rs1.szif.hu/~tomcat/win32/win32n.zip
extern MessageBoxA
import MessageBoxA user32.dll
These lines are added to indicate the Assembler that MessageBoxA is an
external function found in the dll, user32.dll.
All windows API functions which need to be used in the program should be imported in the same fashion.
segment .data USE32
This segment contains initialized data. USE32 indicates 32 bit operating mode.
title db "hello",0
This line is similar to char *title="hello";in C.
'title' is now just an address in memory starting from where, the bytes 'h', 'e', 'l', 'l', 'o' are stored.
Inorder to terminate the string a 'zero' is added at the end.
message db "hello world",0
(same as title db "hello",0)
segment .bss USE32
This segment contains uninitialized data. USE32 indicates 32 bit operating mode.
"var1 resb 32" reserves 32 bytes.(However, not needed in this program)
segment .code USE32
This segment contains the code which has to be executed.USE32 indicates 32 bit operating mode.
..start:
The program will start executing from this label.
push dword MB_OK
push dword title
push dword message
push dword 0
call [MessageBoxA]
Inorder to call a windows api function we have to push the parameters on to the stack and then call the
function.
"push dword MB_OK" actually pushes the value MB_OK (defined in win32n.inc).
"push dword title" actually pushes the address identified by 'title'
"push dword message" pushes the address identified by 'message'
"push dword 0" pushes the value 0
"call [MessageBoxA]" calls the windows api 'MessageBox' which displays a message box.
Now when we compare the function calling style in C and NASM, we can see that C compiler
actually pushes the parameters from right to left starting from MB_OK.
MessageBoxA(0,message,title,MB_OK); // This is C
; This is nasm
push dword MB_OK
push dword title
push dword message
push dword 0
call [MessageBoxA]
Here 'dword' indicates that all are 32 bit values.
All details about the
windows api functions can be found in msdn collection
or any winapi help file.
The constant MB_OK indicates that only OK button will be displayed in the message box.
The constants MB_OKCANCEL, MB_YESNO can also be used in place of MB_OK..
MB_OKCANCEL -- displays OK and CANCEL buttons.
MB_YESNO -- displays YES and NO buttons.
All these constants are defined in the include file "win32n.inc"
push dword 0
call [ExitProcess]
Since ExitProcess function needs just one parameter(error code), only one value is pushed.
This function exits the program.This is similar to exit(0); in C
Assembling and Linking
In order to assemble and link our program we should have nasmw.exe and alink.exe
in our working directory(the directory where hello.asm is saved)
Now in command prompt type
nasmw.exe -fobj hello.asm
-fobj says that we are creating object files for windows.
By default the output file will be hello.obj
Now we have to link the object file to create the executable file.
Alink is the linker which does this job.
alink -c -oPE -subsys gui hello
'Alink' gets the object file (hello.o) as input and gives the executable file (hello.exe) as the output.
-c Enable Case sensitive link
-oxxx xxx specifies output format
(PE is the windows executable file format.)
-subsys xxx Set windows subsystem to use (default=windows)
(windows , win , gui are one and the same.)
Visual C vs NASM:
Its really interesting to note the size of the executable created using C and
the one created using NASM. We can see that hello.exe created using
Microsoft visual C is about 168 kb ( can vary with other visual C compilers),
Whereas the size of the hello.exe created with nasm and alink is just 2.5 kb (!!).
All C compilers add lots of unwanted header information,
The programmer usually dont have control over this action of the compiler.
In NASM programs, the programmer have full control over each and every byte which is going to come in the executable file.
Due to the very small size, programs created using nasm and alink are much faster than those
created using C.
Other Features:
One of the most powerful feature of nasm is the macro facility.(similar to the one available in C)
In order to make nasm programs much simpler to code, an include file "nagoa+.inc" has been developed.
Its a super set of win32n.inc, with additional constant definitions and lots of macros.
Using nagoa+.inc, we can actually makes nasm programs as simpler as C programs.
Lets see how the same program becomes much simpler after using nagoa+.inc
%include "nagoa+.inc"
;; our API macro (we can include this in our nagoa+.inc ,
;; so that we need not type this macro in all pgms)
%macro API 2
import %1 %2
extern %1
%endmacro
API MessageBoxA,user32.dll
API ExitProcess,kernel32.dll
segment .data USE32
title db "hello",0
message db "hello world",0
segment .bss USE32
var1 resb 32
segment .code USE32
..start:
call MessageBoxA,0,message,title,MB_OK
call ExitProcess,0
Here 'call' is actually a macro(which is present in nagoa+.inc) which replaces
the call instruction of the x86 processors.
This 'call' macro pushes the arguments from right to left starting from MB_OK.
Like in C, We can give immediate string values in call macro..
call MessageBoxA,0,"hello world","hello",0 ; in nasm
MessageBoxA(0,"hello world","hello",0); // in C
So our program reduces to ,
%include "nagoa+.inc" ;; now we have added API macro in nagoa+.inc :)
API MessageBoxA,user32.dll
API ExitProcess,kernel32.dll
segment .data USE32
segment .bss USE32
var1 resb 32
segment .code USE32
..start:
call MessageBoxA,0,"hello world","hello",MB_OK
call ExitProcess,0
Now we can see that the complexity of the code has decreased considerably.
And the executable file size is the same 2.5 kb.
In nasm programs we can use the cpu registers as well as the dlls in windows.
So we can write smaller, faster and efficient gui programs for windows easily using nasm.
Back
Home
