Dec 052017
 
Interactive disassembler, thru '286. Does partial files.
File RE-SOURC.ZIP from The Programmer’s Corner in
Category Assembly Language
Interactive disassembler, thru ‘286. Does partial files.
File Name File Size Zip Size Zip Type
RE-SOURC.2DO 4220 2320 deflated
RE-SOURC.ASM 120691 36265 deflated
RE-SOURC.COM 16566 10863 deflated
RE-SOURC.DOC 7783 3675 deflated
TPCREAD.ME 199 165 deflated

Download File RE-SOURC.ZIP Here

Contents of the RE-SOURC.DOC file



RE-SOURCE V4.0interactive disassembler for 8088 thru 80286
Pre-Alpha test version Dec '88

Just run it and hit F1 for instructions.

An 'interactive' disassembler lets you change whether code is instructions,
ASCII strings, data words, etc. and displays your changes 'right now'.
You add labels and comments where you want, and they are saved in separate
files. These .CTL, .SMB, and .REM files can be changed with an ASCII editor.

It works on any file or from RAM (so you can disassemble DOS, or your BIOS);
it's great for rewriting short utilities or device drivers. You do not have
to dissassemble the whole program. Programs longer than 64K will load, but
for now you must use 'R' to change segments above 64K.
Some disassemblies will assemble correctly with no changes at all.

For now, there is no .EXE or Device Driver support, so you have to interpret
headers and segments manually.

Use it when DASM won't work and ASMGEN is too cumbersome.

It writes a .RSM file that you can copy as an .ASM file (use a different name
so you don't overwrite your original), perhaps edit a little,
and run through MASM. Sadly, the fine public-domain assemblers like A86
and CHASM are not perfectly MASM compatible, and MASM is the standard. MASM
has numerous quirks from being designed by a bureaucracy, and its attempt to be
forever not quite backwards-compatible. RE-SOURCE inserts the minimum
boilerplate, such as the END statement, 'Start' label and the remarkable need to
say MOV AL, BYTE PTR DS:123h where MOV AL,[123h] would be perfectly clear.

(soon to come:)
MASM refuses to assemble JMP 0123h:4567h to an address outside the program, so
RE-SOURCE generates SEGMENT AT and EQU $ lines when you W(rite) the .RSM file.

Compatible assemblers:
The generated source code works with MASM 5.0 and 5.1, and Turbo Assembler 1.0
(which is over twice as fast and is recommended as long as you NEVER,
NEVER use its Ideal mode, which is Ideal only for Borland, since it tempts you
to write code that will NEVER run through someone else's MASM).
A86 will not generate identical code. For example, it replaces all your LEA
instructions with MOV in the code. While LEA is useless, slow and confusing,
this makes it tough to tell when your disassembly is correct.

Loading files:
Run RE-SOURC [d:][\path\][filename] or just RE-SOURC and use the L command.
The command line loads any .COM, .EXE, or .SYS file with the name you supply,
and also the .REM, .SMB and .CTL files. It ignores any .EXT.
The L command, if you supply a name with an .EXT, will load only the specified
file as the target program.
CAUTION: if you work on ABC.EXE and then L(oad)ABC.OVL, saving will wipe out
your ABC.CTL, ABC.SMB and ABC.REM files.

A tutorial session:
You have downloaded CLOSEBUT.COM, which is almost what you were looking for.
The author has included massive detailed instructions, but not his precious
source code. You have hours to kill, and you know assembly language.
You look at the code with your byte editor (like FileMod or Norton) and do NOT
see the ominous 'BORLAND' trademark (disassembling Pascal is very difficult).
You guess the program was written in C or Assembler, and it is shorter than,
say, 8K long for your first try.

You run RE-SOURC CLOSEBUT and hit PGDN to look at the disassembly. If you see
a string of MOV AX,1234 INT 78, etc, give up, it's compiled BASIC. If it's
mostly PUSH AX, CALL 0123h:4567h, give up, it's QuickBasic.
Luckily, you see JMP 0123 followed by gibberish. So you enter A100, and now
you see the JMP 0123 followed by some ASCII strings, which you recognize from
having run the program. This is followed by more of what looks like actual
code, so you enter just A to 'Attempt to Find DBs' for the whole program.

U100 or CTRL-PGUP gets you back to the top of the file. You look thru the
disassembly and see a DB '(*&^%$#@' line at 0ABC. These are
likely instructions that have ASCII equivalents, so kill the Bytes Control
at the address by entering CABC,K. When you looked at the code with FileMod,
you saw a string of 5-letter messages each followed by a few bytes of hex at
0BCD, but they do not show up (RE-SOURCE requires 8 ASCII bytes in a row to
show as ASCII). So you enter CBCD,B and CAFF,I at the end of the string to
switch back to Instructions, and now UBCD shows them.
You hit F9 to save your work.

You think you've found all the correct DB's, so it's time to build a Symbol
table by entering B. Now when you look thru the file, there are labels like
H00123 for the jumps, calls, and data areas. You quickly hit F9.

The major work is deciding whether each operand word is data or an address.
The B command just makes guesses. If you want to freely change the code,
you have to understand the program well enough to correctly identify the
addresses.
You try to label the short routines first. One at H00567 calls DOS function
30h, which your Programmer's PC Sourcebook or Norton's Programmer's Guide
tells you returns the DOS version. You change the H00567 label by
entering E567,.GetVersion and when you then U550, GetVersion has replaced
every occurance of H00567. You hit F9 again.

Then you look for command vector tables (strings of words that are addresses
within the program), or places where the command line or keyboard are read
(a string of CMP AL,'x' followed by JZ H00456 stuff). Finally, eyelids
drooping, you are ready to try to re-assemble the program. You hit F9.

You enter W and then U to write the .RSM file and see the 'RSM is
closed' message. To exit, you enter Q (like DEBUG) or hit ESC Q (like
PathMinder's editor).
But you see a message telling you to hit U(pdate) or E(xit), because you
have changed something since you last hit F9. Hit U unless you made a boo-boo.

You gulp 2 cups of black coffee and copy CLOSEBUT.RSM as C.ASM.
Running MASM on C.ASM gives 47 Severe Errors. All of them, however,
are references to H00789. You run RE-SOURC CLOSEBUT again and U780. There
IS no label at 0789, but an instruction at 0787 extends past 0789.
Probably that previous line was data. You simply C787,H to change the offending
instruction to hex bytes, and now U780 shows the label. Obviously, you still
have more work to do, but for now you hit F9, hit W and U again to write
a new .RSM file, exit RE-SOURC, copy it to C.ASM again, and try to assemble it
(again).

Finally you get the .ASM file to run thru MASM and produce a program that
COMPares correctly with the original. You can now make all the changes
you like.

When you make your changes, you may discover that you still have some
address/number decisions to make.


NOTES:
POP CS (0Fh) was valid for the 8088 & 8086 only. The '286+ use 0Fh as
a prefix for protected mode instructions.
RE-SOURCE does not disassemble POP CS and no current assembler will allow it,
but old code may use it.

MASM 5.0 on some '286 protected mode instructions, requires QWORD PTR where 5.1
requires the correct FWORD PTR (that means 6 words !).
RE-SOURCE generates FWORD, you'll have to change it for 5.0.

Both MASM 5.0 & 5.1 do not catch, and generate incorrect code:
ARPL word,mem (must be word,reg)
IMUL mem,reg,immed (must be reg,reg,immed).
(TASM is OK).

TASM does not warn if DB line has extra comma
(MASM is OK)

Anyone want to:
Write a slick mouse/menu interface ?
Do the 80x87 Fxxxx instructions ?

If you improve RE-SOURCE, please send us the .ASM code.

original author Ward ChristensenTransl. to 8086 by Larry Etienne
Converted to MS-DOS by C.Derouen 3/85Latest hacking by J. Rebold 12/88

Bugs, suggestions, and gripes:
Please WRITE to:IDEPO Box 9747Baltimore, MD 21204


 December 5, 2017  Add comments

Leave a Reply