如何在x86程序集中比较两个地址?
[英]How to compare two addresses in x86 assembly?
问题描述
I am trying to do some byte injection in a program to perform a specific task when ecx+5C is equal to a specific address which I supply an immediate value for. 
当ecx+5C等于我为其提供立即值的特定地址时,我试图在程序中进行一些字节注入以执行特定任务。 I'm trying to do something like the following: cmp [ecx+5C], 1D59D3BC . 我正在尝试执行以下操作: cmp [ecx+5C], 1D59D3BC 。 However I get an error. 但是我得到一个错误。 Does anyone know how I could compare a register+offset address to an immediate address in x86 assembly? 有谁知道我可以在x86程序集中比较寄存器+偏移地址和立即数吗?
1 个解决方案
解决方案1
3 2017-07-15 13:55:46
I'm trying to do something like the following:
cmp [ecx+5C], 1D59D3BC.cmp [ecx+5C], 1D59D3BC。
However I get an error.
Possible causes why this will fail: 失败的可能原因:
- You need to specify an hex prefix or suffix for the assembler to accept your instruction. 您需要为汇编器指定一个十六进制前缀或后缀以接受您的指令。
- You need to specify the size of the operation. 您需要指定操作的大小。 The assembler doesn't guess for you. 汇编程序不会为您猜测。
Try any of the following (depends on your assembler): 尝试以下任何一种方法(取决于您的汇编器):
cmp dword ptr [ecx + 5Ch], 1D59D3BCh
cmp dword ptr [ecx + 0x5C], 0x1D59D3BC
cmp dword [ecx + 5Ch], 1D59D3BCh
cmp dword [ecx + 0x5C], 0x1D59D3BC
Does anyone know how I could compare a register+offset address to an immediate address in x86 assembly?
lea eax, [ecx + 5Ch] ;put the address in EAX
cmp eax, 1D59D3BCh ;compare with the immediate
But shorter as PaulH showed in a comment: 但是比PaulH在评论中显示的要短:
cmp ecx, 1D59D3BCh - 0000005Ch
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.