/
INT08.ASM
142 lines (94 loc) · 3.36 KB
/
INT08.ASM
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
;' $Header: P:/PVCS/MISC/EXTSIZE/EXTSIZE.ASV 1.3 05 Oct 1995 11:13:56 BOB $
title INT08 -- Check For Register Corruption Over Timer Tick
page 58,122
name INT08
COMMENT| Module Specifications
Copyright: (C) Copyright 2002 Qualitas, Inc. All rights reserved.
Segmentation: Group PGROUP:
Stack segment STACK, byte-aligned, stack, class 'prog'
Program segment CODE, byte-aligned, public, class 'prog'
Tail segment NCODE, byte-aligned, public, class 'prog'
Program derived from: None.
Original code by: Bob Smith, April, 2002.
Modifications by: None.
|
.386
.xlist
include MASM.INC
include DOS.INC
include PTR.INC
.list
PGROUP group STACK,CODE,NCODE
; The following segment both positions class 'prog' segments lower in
; memory than others so the first byte of the resulting .COM file is
; in the CODE segment, as well as satisfies the LINKer's need to have
; a stack segment.
STACK segment use16 dword stack 'prog' ; Start STACK segment
STACK ends ; End STACK segment
CODE segment use16 dword public 'prog' ; Start CODE segment
assume cs:PGROUP,ds:PGROUP
.xlist
include PSP.INC ; Define & skip over PSP area for .COM program
.list
INITIAL:
jmp INIT08 ; Join initialization code
align 4
public OLDINT08_VEC
OLDINT08_VEC dd ? ; Save area for pointer to old INT 08h handler
@KNOWN equ 089ABCDEFh ; Known value
public KNOWN
KNOWN dd @KNOWN ; Known value
FPPROC INT08 -- Check For Register Corruption
assume ds:nothing,es:nothing,fs:nothing,gs:nothing,ss:nothing
pushad ; Save all EGP registers
; Set EGP registers to known values
mov eax,KNOWN ; Be sure high-order word is set
mov ebx,eax ; ...
mov ecx,eax ; ...
mov edx,eax ; ...
mov esi,eax ; ...
mov edi,eax ; ...
mov ebp,eax ; ...
pushf ; Simulate INT environment
cli ; ...
call OLDINT08_VEC ; Call down to next handler
irp XX,<eax,ebx,ecx,edx,esi,edi,ebp>
cmp XX,KNOWN ; Check for corruption
je short @F ; Jump if not
int 03h ; Call our debugger
@@:
endm ; IRP
popad ; Restore
iret ; Return to caller
assume ds:nothing,es:nothing,fs:nothing,gs:nothing,ss:nothing
INT08 endp ; End INT08 procedure
CODE ends ; End CODE segment
NCODE segment use16 byte public 'prog' ; Start NCODE segment
assume cs:PGROUP
public ZTAIL
ZTAIL label byte
public MSG_COPY
MSG_COPY db 'INT08 -- Version 1.00 ',CR,LF
db ' (C) Copyright 2002 Qualitas, Inc. '
db ' All rights reserved.',CR,LF,EOS
NPPROC INIT08 -- Initialization Code For INT08
assume ds:PGROUP,es:PGROUP,fs:nothing,gs:nothing,ss:nothing
DOSCALL @STROUT,MSG_COPY ; Display our copyright
; Hook interrupt and go resident
push es ; Save for a moment
mov al,08h ; Install this handler
DOSCALL @GETINT ; Return with ES:BX ==> old handler
assume es:nothing ; Tell the assembler about it
mov OLDINT08_VEC.VOFF,bx ; Save for later use
mov OLDINT08_VEC.VSEG,es ; ...
pop es ; Restore
assume es:PGROUP ; Tell the assembler about it
mov al,08h ; Install this handler
DOSCALL @SETINT,INT08
lea dx,ZTAIL ; DS:DX ==> next address
int 27h ; Return to DOS as resident program
assume ds:nothing,es:nothing,fs:nothing,gs:nothing,ss:nothing
INIT08 endp ; End INIT08 procedure
NCODE ends ; End NCODE segment
MEND INITIAL ; End INT08 module