Book Review: The Art of Assembly Language 2nd Ed

| August 3, 2010

Review by Michael Heinzl AKA EH-Net Member Awesec

People often ask if they should learn Assembly language – if it’s worth the efforts, and if it’s a necessity in order to become a good penetration tester. Short and personally answered, I’d say certainly yes. If you are interested in areas like Reverse Engineering and Exploit Development, Assembly knowledge is a must-have. The second question which often comes directly after “Should I learn Assembly?” is “How and where to start?” One of the few given recommendations often points towards Randall Hyde’s “The Art of Assembly Language”  (AoA) for which the second edition was recently published.

The revised >700 pages strong edition covers Hyde’s High Level Assembly, short HLA, which was developed in order to teach Assembly language to students at university in an easy way without the need to know everything that might be necessary to know for real Assembly language. Therefore, it’s not the real low-level assembly known by many readers, as it supports control structures such as loops and exception handling, and even OOP.

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:Book Reviews}

Closer Look 

The first chapter, "Hello, World of Assembly Language," will introduce the basic concepts of HLA. This includes the basic syntax and some of the most common instructions and data declarations as well as an overview of the x86 architecture. Also a short overview of the HLA Standard Library is given; however, for a complete and up-to-date version check the official website at http://webster.cs.ucr.edu/.

The next chapter, "Data Representation," focuses on numbering systems and binary data organization. This means the reader will get to know about the Hexadecimal and Binary systems, as well as bits, bytes, words et cetera. Also logical operations, such as and, or and xor, are covered as well as some floating-point arithmetic.

"Memory Access and Organization," the third chapter, is all about, well… Memory Access and Organization. To be more precise, the reader will get to know memory addressing modes, how memory is allocated and how a stack works.

The fourth chapter, "Constants, Variables, and Data Types," can be seen as the final chapter of the introductory topics, as it tries to “connect the concept of data representation to its actual physical representation.” Thus the correct declaration and usage of constants, scalar variables, pointers, arrays and namespaces are explained. These four chapters are mandatory to understand, otherwise it will be hard to follow the rest of the book. If you are familiar with another language or already have some knowledge in this area, you can most probably skip through these chapters or only have a glance at them. But if one is new to Assembly, maybe a second time around the first four chapters may be in order.

Chapter 5 and 6, titled "Procedures and Units" and "Arithmetic" respectively, explain how procedures are implemented in HLA and e.g. how the stack is used during such procedure calls, and how to translate arithmetic expressions from high-level languages, such as C++ or Pascal, into x86 assembly. Here the reader will not only face HLA, but also some real assembly.

In Chapter 7, "Low-Level Control Structures," the discussion of pure assembly is continued and explains some translations between HLA and pure assembly. The final sub-chapter of this one is about hybrid control structures in HLA, where it’s explained how to combine pure assembly with HLA regarding boolean expressions.

The 8th chapter is devoted to "Advanced Arithmetic," wherein four main topics are covered: extended-precision arithmetic, arithmetic on operands with different sizes, decimal arithmetic, and computation via table lookup. BCD (Binary Coded Decimal) and FPU (Floating Point Unit) are explained as well.

Next is a chapter on "Macros and the HLA Compile Time Language," which are a main part of the Compile Time Language (CTL), and a chapter about "Bit Manipulation." The reader will get to know some more of the previously discussed bit manipulation instructions and, a little later on in the book, some bit-centric algorithms and how to implement them.

The penultimate chapter, "The String Instructions," will introduce the reader briefly to string instructions, e.g. how they operate and how they can be used.

The book ends with its final chapter about "Classes and Objects" in HLA, explaining how methods and the like are implemented in HLA and the differences between virtual methods and static procedures, how constructors are used and object initialization works, as well as abstract methods.

Conclusions

So finally, to whom can AoA be recommended? Well, that’s hard to answer as I have mixed feelings on it. On one side it’s a good entry-level book for assembler, since over 200 pages are devoted to the very basics such as numbering systems, data types and control structures, and so on. One wouldn’t expect such topics in an advanced technical book that is aimed at a more experienced audience. So, it shouldn’t be expected that you will be capable of writing extensive pure assembly code after working through this book.

However, probably only very few people would go with assembly as their first language, so those things should be known anyway and can easily be picked up throughout some hands-on practice and an appropriate reference. As AoA can be seen as a wrap from high-level to low-level, it wouldn’t make much sense either to go with it as the first book if you haven’t done any high-level before. Also, in terms of the later chapters such as the last one about OOP, it eventually might result in confusion.

Another potential problem which might occur with HLA being a wrap are bugs or flaws within the ‘core,’ which could be very hard to detect and fix. This is not a problem particularly associated with HLA but general with wrapped code.

On a positive note, considering the fact that many people seem to have difficulties in learning assembler, this book is a very good read and effectively introduces the reader to this fascinating topic.

Further Resources

 Full version of first edition, as well as further resources: http://homepage.mac.com/randyhyde/webster.cs.ucr.edu/www.artofasm.com/index.html
 Assembly Primer for Hackers: http://www.securitytube.net/Assembly-Primer-for-Hackers-(Part-1)-System-Organization-video.aspx


Michael Heinzl and more of his work can be found at http://www.awesec.com.

Category: Book Reviews

Comments are closed.