Re: lea with fs override
- From: JC <spamtrap@xxxxxxxxxx>
- Date: Thu, 27 Apr 2006 16:54:56 -0800 (PST)
robertwessel wrote:
The question is what you're trying to accomplish.
Fair enough. Just for kicks, I thought I'd write an interpreter for
x86 user programs. One of the things I thought would be interesting
would be to identify when particular linear addresses were read or
written.
Of course, to do this, I need to identify what linear addresses an
instruction is touching, which is generally easy except for these FS
segment overrides (and potentially GS too --- although, I don't know
that GS is used for anything special in WinXP).
I was hoping there might be a reasonably generic way to handle this
that didn't rely on baking in special knowledge about FS (like this
FS:0x18 business you mention).
But AFAIK, it doesn't seem like you can do this without kernel-level
help.
Ultimately, I think I'll just have to bite the bullet and go with the
FS:0x18 solution you mention. I didn't know about that before, thanks
for the tip.
Thanks,
JC
.
- Prev by Date: Re: lea with fs override
- Next by Date: [BIOS] How to calculate the destination by machine code ?
- Previous by thread: Re: lea with fs override
- Next by thread: Learning MMX
- Index(es):
