-
March 19th, 2013, 03:19 PM
#1
Doubt
On the following code:
mov esi, offset Vec
mov eax, [esi]
Esi contains the 1st position of the vector and Eax contains the 1st number of the same vector.
And here:
mov edi, offset (vec + 4)
mov ebx, [edi]
Edi gets the 2nd position of the vector and ebx contains the 2nd number, or is it incorrect?
Consider it to be DWORDS.
-
March 19th, 2013, 08:18 PM
#2
Re: Doubt
Your assumptions look correct to me.
I was thrown out of college for cheating on the metaphysics exam; I looked into the soul of the boy sitting next to me.
This is a snakeskin jacket! And for me it's a symbol of my individuality, and my belief... in personal freedom.
-
March 19th, 2013, 11:39 PM
#3
Re: Doubt
Originally Posted by Khabz
mov esi, offset Vec
mov eax, [esi]
If Vec contains a pointer to some structure, then eax is assigned a copy of the first attribute of that structure. To assign a copy of the second attribute of that same structure to ebx, follow the above code with:
mov ebx, [esi + 4]
mov edi, offset (vec + 4)
mov ebx, [edi]
edi is assigned the pointer that is stored in the double word after vec. ebx is then assigned the value to which this pointer points.
To better illustrate what you are doing, examine the following C++ code:
Code:
struct vec_structure
{
DWORD attribute1;
DWORD attribute2;
};
vec_structure record;
vec_structure* vec = &record;
DWORD* dummy; // never initialised: stands for whatever DWORD happens to follow vec
DWORD eax;
DWORD ebx;
// Your code is doing this:
eax = vec->attribute1;
ebx = *dummy; // dereferences an unrelated pointer
// What you want is:
eax = vec->attribute1;
ebx = vec->attribute2;
-
March 20th, 2013, 07:19 AM
#4
Re: Doubt
As I understand the OP, the label Vec does not refer to a pointer, but a construct (avoiding the word "structure" here because it may suggest a more specific meaning) in memory that is to be considered an array of DWORDs. The offset of +4 given in the sample is expressed in bytes and not scaled by the item size which is unknown in the case of mov ebx, [esi + 4] anyway because it's not explicitly specified using the PTR keyword (and even then it wouldn't influence the meaning of the offset), and may or may not have been specified in the definition of Vec, but then wouldn't influence the meaning of the offset either.
What may be syntactically problematic, though, is the use of parentheses in mov edi, offset (Vec + 4), since that means taking the offset of Vec after it already has been offset by +4.
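The two readings of the original snippet (post #3: the DWORD at Vec holds a pointer to a two-field structure; post #4: Vec is itself an array of DWORDs and +4 is an unscaled byte displacement) can be modelled in C to make the difference visible. The following program is an added example, not code from any poster in this thread; the array contents, the `vec_structure` field values and the helper names `load_dword`, `array_interpretation`, `pointer_interpretation` and `nth_dword` are constructed for illustration. It also adds a bounds check that the assembler itself never performs, so an offset that walks past the end of the array is reported instead of silently read.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample data (not from the thread): a "vector" of four DWORDs. */
static const uint32_t Vec[4] = { 10u, 20u, 30u, 40u };

/* Model of a displacement-addressed DWORD load, i.e. [base + disp].
   disp is in BYTES, exactly like the +4 in the thread, and is not scaled by
   the element size. The CPU performs no bounds check; here *ok reports whether
   the 4-byte read stayed inside the region of len bytes starting at base. */
uint32_t load_dword(const void *base, size_t len, size_t disp, int *ok)
{
    uint32_t v = 0;
    if (disp > len || len - disp < sizeof v) {
        *ok = 0;            /* read would leave the region */
        return 0;
    }
    memcpy(&v, (const uint8_t *)base + disp, sizeof v);
    *ok = 1;
    return v;
}

typedef struct { uint32_t eax, ebx; } regs;

/* Post #4's reading: Vec is an array of DWORDs.
   esi = offset Vec; edi = offset Vec + 4; eax = [esi]; ebx = [edi]. */
regs array_interpretation(void)
{
    int ok;
    regs r;
    r.eax = load_dword(Vec, sizeof Vec, 0, &ok); /* mov esi, offset Vec / mov eax, [esi] -> 10 */
    r.ebx = load_dword(Vec, sizeof Vec, 4, &ok); /* edi = esi + 4 bytes / mov ebx, [edi]  -> 20 */
    return r;
}

/* Post #3's reading: the DWORD at Vec holds a pointer to a two-field
   structure, so [esi] is the first field and [esi + 4] the second. */
typedef struct { uint32_t attribute1, attribute2; } vec_structure;

regs pointer_interpretation(const vec_structure *record)
{
    int ok;
    regs r;
    r.eax = load_dword(record, sizeof *record, 0, &ok); /* mov eax, [esi]     */
    r.ebx = load_dword(record, sizeof *record, 4, &ok); /* mov ebx, [esi + 4] */
    return r;
}

/* Element i of a DWORD array: the displacement must be scaled by 4 by hand
   (or with a scaled-index form such as [esi + ecx*4]); i == count is one past
   the end and is rejected by the bounds check. */
uint32_t nth_dword(const uint32_t *arr, size_t count, size_t i, int *ok)
{
    return load_dword(arr, count * sizeof *arr, i * sizeof *arr, ok);
}

int main(void)
{
    int ok;
    regs a = array_interpretation();
    vec_structure rec = { 7u, 9u };        /* constructed structure for post #3's case */
    regs p = pointer_interpretation(&rec);

    printf("array reading : eax=%u ebx=%u\n", a.eax, a.ebx);
    printf("struct reading: eax=%u ebx=%u\n", p.eax, p.ebx);
    printf("Vec[3] = %u\n", nth_dword(Vec, 4, 3, &ok));
    nth_dword(Vec, 4, 4, &ok);
    printf("Vec[4] in bounds? %d\n", ok);
    return 0;
}
```

Under the array reading `[esi + 4]` is the second DWORD because the displacement is four bytes, not four elements; `[esi + 1]` would be a valid but misaligned load straddling the first two elements, which is why array indexing in assembly has to scale by the element size explicitly.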