Mail Archives: djgpp/1995/08/26/14:16:15

delorie.com/archives/browse.cgi

search

Mail Archives: djgpp/1995/08/26/14:16:15

Xref: news-dnh.mv.net comp.os.msdos.djgpp:1755

Path: news-dnh.mv.net!mv!news.sprintlink.net!howland.reston.ans.net!news.cac.psu.edu!news.math.psu.edu!hudson.lm.com!nntp.club.cc.cmu.edu!cantaloupe.srv.cs.cmu.edu!das-news2.harvard.edu!oitnews.harvard.edu!newsfeed.rice.edu!news.sesqui.net!uuneo.neosoft.com!news!sandmann

From: Charles Sandmann <sandmann AT praline DOT no DOT NeoSoft DOT com>

Newsgroups: comp.os.msdos.djgpp

Subject: Re: djgpp2 and TBAV

Date: Sat, 26 Aug 1995 10:59:34 CDT

Organization: NeoSoft Internet Services +1 713 968 5800

Lines: 30

References: <41lc28$tg9 AT maze DOT dpo DOT uab DOT edu> <Pine DOT A32 DOT 3 DOT 91 DOT 950825122621 DOT 15802A-100000 AT srv1 DOT freenet DOT calgary DOT ab DOT ca> <303e5067 DOT sandmann AT praline DOT no DOT NeoSoft DOT com> <Pine DOT A32 DOT 3 DOT 91 DOT 950825193848 DOT 28926A-100000 AT srv1 DOT freenet DOT calgary DOT ab DOT ca>

Reply-To: sandmann AT clio DOT rice DOT edu

Nntp-Posting-Host: praline.no.neosoft.com

To: djgpp AT sun DOT soe DOT clarkson DOT edu

Dj-Gateway: from newsgroup comp.os.msdos.djgpp

> well, this is what TBAV says on all djgpp2 programs:
>  !  Invalid opcode (non-8088 instructions) or out-of-range branch. 
>  i  Additional data found at end of file. Probably internal overlay. 

These are a requirement and can't be changed; should also be seen in V1.x
programs.

>  ?  Inconsistent exe-header.  Might be a virus but can also be a bug. 

I don't think this is correct.  DJASM uses the unused 512 bytes for 
copyright information instead of all zeros, but this isn't inconsistent.

>  Z  EXE/COM determination.  The program tries to check whether a file
>     is a COM or EXE file.  Viruses need to do this to infect a program. 

This is clearly wrong (a bug in TBAV).  The stub does add .EXE to file
names and does check for the MZ or COFF signature in files to handle
sym-links.  This is a requirement, unless you want to drop support for
sym-links (and that would be unpopular for those using this feature).

>  K  Unusual stack.  The program has a suspicious stack or an odd stack. 
>  @  Encountered instructions which are not likely to be generated by
>     an assembler, but by some code generator like a polymorphic virus. 

These seem to be "style" issues - unless the code was generated by 
tasm or masm it doesn't like it.  Since one of the goals of V2 was to
generate a system which could be completely built and supported with free
tools, it's not going to be built with these.  So, does someone spend a
lot of time and effort to modify djasm to make generated code to look
like tasm just to make TBAV happy?

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Xref:	news-dnh.mv.net comp.os.msdos.djgpp:1755
Path:	news-dnh.mv.net!mv!news.sprintlink.net!howland.reston.ans.net!news.cac.psu.edu!news.math.psu.edu!hudson.lm.com!nntp.club.cc.cmu.edu!cantaloupe.srv.cs.cmu.edu!das-news2.harvard.edu!oitnews.harvard.edu!newsfeed.rice.edu!news.sesqui.net!uuneo.neosoft.com!news!sandmann
From:	Charles Sandmann <sandmann AT praline DOT no DOT NeoSoft DOT com>
Newsgroups:	comp.os.msdos.djgpp
Subject:	Re: djgpp2 and TBAV
Date:	Sat, 26 Aug 1995 10:59:34 CDT
Organization:	NeoSoft Internet Services +1 713 968 5800
Lines:	30
References:	<41lc28$tg9 AT maze DOT dpo DOT uab DOT edu> <Pine DOT A32 DOT 3 DOT 91 DOT 950825122621 DOT 15802A-100000 AT srv1 DOT freenet DOT calgary DOT ab DOT ca> <303e5067 DOT sandmann AT praline DOT no DOT NeoSoft DOT com> <Pine DOT A32 DOT 3 DOT 91 DOT 950825193848 DOT 28926A-100000 AT srv1 DOT freenet DOT calgary DOT ab DOT ca>
Reply-To:	sandmann AT clio DOT rice DOT edu
Nntp-Posting-Host:	praline.no.neosoft.com
To:	djgpp AT sun DOT soe DOT clarkson DOT edu
Dj-Gateway:	from newsgroup comp.os.msdos.djgpp