
Calculate the JMP opcodes

I'm trying to calculate the correct opcodes for a jump. I've looked at this in other threads and I still don't understand:

I thought the formula was destination - (from+5), but it's just not working, it's way off. Here are the addresses that I want to jump to/from:

FROM: 6259326B
TO:   02980000

CORRECT OPCODE: E9 90CD3EA0
FORMULA OPCODE: E9 5FC13266

So I'm having problems with this, any help appreciated.

You are calculating negative jmp! So correct formula is:

0 - (from - destination) - 5

0 - ($6259326B - $02980000) - 5

which equals $A03ECD90 (or $90CD3EA0 in little endian).

The formula is fine (though it seems the provided assembly and addresses don't exactly match: 02980000 - 6259326b - 5 = c726cd90, reverse the byte order and it almost matches your correct assembly, I'd assume it's off due to image relocation etc.). Are you sure you did the math correctly and reversed the byte order to match the required encoding (little endian) for a relative 32-bit jump?

The formula is correct, assuming the jump instruction has exactly 5 bytes and FROM is the address of this jump instruction. If the length isn't 5 or FROM isn't where jmp is, it's incorrect.

With that you get, in modulo 2^32 arithmetic:

2980000H-(6259326BH+5)=0A03ECD90H.

If you don't understand how 2980000H - 62593270H equals 0A03ECD90H in 32 bits, imagine for a moment that you're subtracting from 102980000H instead of 2980000H, that is, you have the 33rd bit set. Then you have 102980000H - 62593270H = 0A03ECD90H. And you can verify that 102980000H = 62593270H + 0A03ECD90H. But since you only have 32 bits for the calculation, that 33rd bit, whatever it is, is not going to affect the sum and difference. So you just subtract the two numbers as 32-bit numbers and take the least significant 32-bits of the result, ignoring any outstanding borrows from bits beyond the 32nd.

And 0A03ECD90H has to be encoded in the jmp instruction from the least significant byte to the most significant byte, so you get this sequence of bytes encoding the instruction:

E9, 90, CD, 3E, A0.

A similar question has been asked before.
