In-depth Tutorial Comparing Strings

[Shark23]

Well, this topic is going to cover a few topics. These will be different data registers, and some new commands.

First, lets get to the code.

Code:

include \masm32\include\masm32rt.inc

.data

Yes     db "Yes",0
Compare db "Yes",0
No      db "No",0

First off we have our include file which is pretty much a runtime library. Since assembly doesn't have one like high level languages would, masm comes with masm32rt.inc which is as close as you can get. It contains all the include and library files you need to make a program.

Next we define a yes, compare, and no string null terminated by the 0.

Code:

.code
start:  push    esi
        push    edi
        mov     esi,offset Yes
        mov     edi,offset Compare
        mov     ecx,sizeof Yes
        repz    cmpsb

mov is the move instruction. We move the second part after the comma (,) into the first part before the comma.

Now we have quite a bit to wade through. We start off with pushing esi onto the memory stack. ESI is the source index. ESI is often used in conjuction with EDI. ESI will point to our source that we want to copy and EDI will point to the destination we want to copy. We'll look at why we need to do this in a second.

In ESI we put the location of our Yes string. In EDI we put our Compare string. We then move the size of our Yes string into the ECX counter. ECX is the count register. This sets the value of 4 into ECX. Normally you would think it would be 3. One for Y, one for e, and one for s. However, we also need the null terminator 0 to check not only if our strings contain the first three bytes the same, but also if they are exactly the same length.

The repz command will repeatedly compare the value at ESI with EDI and decrement ECX. This will repeat as long as the result is 0 and the count is non-zero. In plain English, it will repeatedly compare one byte at a time from ESI and EDI until there is an inequality or ECX becomes zero meaning both strings are equal.

Code:

        pop     edi
        pop     esi
        mov     eax,offset No
        jnz     result
        mov     eax,offset Yes

Now we pop our destination index off the stack. Remember what pushing does? It pushes a value onto our memory stack. From there we can read the value. We can also pop values off the stack. This means they will be removed from our memory so they will not be read.

So we pop EDI and ESI because they have already been used for our comparison. We then move our No value into the EAX register. EAX is a general purpose register that we can use for anything.

JNZ stand for 'Jump if Not Zero' meaning that if our count register ECX is not zero it will jump to result which is coming up. This means that the string is unequal. If the result is zero, meaning an equal string, then we move our Yes string into the EAX register.

Code:

result:     push    0
            push    eax
            push    eax
            push    0
            call    MessageBoxA
            push    0
            call    ExitProcess
end     start

In our result, we push 0 for our messagebox style, meaning a standard messagebox. We then push the eax register for the title and text of the messagebox. This will either be our Yes string or our No string. Next we push 0 for our handle window since we have none. Finally, we call MessageBoxA to form a messagebox and we exit our process.


Finally, we made it through the program. You can run the program and you will get a 'Yes' messagebox. In your source, you can change the 'Compare' string to anything except 'Yes' and it will show you a 'No' messagebox.


That's it for this tutorial. I hope that you have learned something new or reinforced something old. I know it's a lot to read through and wrap your brain around but keep practicing. It will get easier. Thanks for reading.

[NextGen1]

Are you hidden dragon? Or is there a credit you would like to add?

[Shark23]

Indeed I am NextGen. It's been a while since I've seen you here.

Are you talking about HF, MC, or DIC?

[Hassan]

Are you hidden dragon? Or is there a credit you would like to add?

What's up with the credit thing NextGen ??

[Shark23]

I posted this on a couple other sites but my username there is different. He saw it on one of the sites with my different username and thought I might be stealing it I'm sure.

[NextGen1]

No, Asked, Didn't accuse.

@ Xscape : Whyo6's no leeching policy is enforced by MPGH . This tut is listed on numerous sites. He said it was him. Excepted.

It has been like this since (way) before you came. (no offense)