Re: Jumping into middle of instruction



On Tue, 26 Feb 2008 09:36:52 -0800 (PST), "mybwpp@xxxxxxxxxxxxxx"
<spamtrap@xxxxxxxxxx> wrote:

> Can anyone explain the concept of 'Jumping into the middle of
> instructions'.
> Sample snippet disassembly:
>
> Rtn2:
> B3 02 mov bl,2
> B8 ? db 0B8h
> Rtn3:
> B3 03 mov bl,3
> B8 ? db 0B8h
> Rtn4:
> B3 04 mov bl,4
> B8 ? db 0B8h

What it looks like, while running:
13C2:0100 B302 MOV BL,02
13C2:0102 B8B303 MOV AX,03B3
13C2:0105 B8B304 MOV AX,04B3
13C2:0108 B89090 MOV AX,9090

If you start at Rtn2, then bl=2, and the rest of the code loads
garbage into ax.

If you start at Rtn3, then bl=3, and the rest of the code loads
garbage into ax.
. . .

> Why is it used?

Usually to allow multiple entry points to a routine. Sometimes to
conserve space.

> Can we hide arbitrary code (I/O instructions, system calls) by this technique?
Not really. As you can see, I decoded the above sample.
--
ArarghMail802 at [drop the 'http://www.' from ->] http://www.arargh.com
BCET Basic Compiler Page: http://www.arargh.com/basic/index.html

To reply by email, remove the extra stuff from the reply address.
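Added example, not part of the thread: a toy decoder for the three opcodes that appear in the listing above (B3 = MOV BL,imm8; B8 = MOV AX,imm16; 90 = NOP), run from each of the three entry labels. The byte string is constructed from the DEBUG listing at 13C2:0100, including the two 90 bytes that followed Rtn4; the entry offsets are assumed from that listing. It reproduces the point of the reply: from Rtn2 the stray 0B8h byte swallows the following `mov bl,3` as its immediate, but decoding again from Rtn3 and Rtn4 recovers every instruction, so nothing is actually hidden from an analyst who disassembles from each entry point rather than only linearly.

```python
# Toy decoder/emulator for the overlapping-instruction sample in the thread.
# Constructed bytes, matching the DEBUG listing at 13C2:0100..0108 (the last
# two 90 90 bytes are the NOPs DEBUG showed after Rtn4).
CODE = bytes([0xB3, 0x02, 0xB8,   # Rtn2: mov bl,2 ; db 0B8h
              0xB3, 0x03, 0xB8,   # Rtn3: mov bl,3 ; db 0B8h
              0xB3, 0x04, 0xB8,   # Rtn4: mov bl,4 ; db 0B8h
              0x90, 0x90])        # whatever followed in memory (NOP NOP)

# Assumed entry offsets, derived from the 3-byte spacing of the labels.
ENTRY = {"Rtn2": 0, "Rtn3": 3, "Rtn4": 6}


def decode(code, offset):
    """Decode one instruction at offset; return (length, text, effect).

    effect is (register, value) for the moves, or None for NOP.
    Only the opcodes present in the sample are handled.
    """
    op = code[offset]
    if op == 0xB3:                                   # MOV BL, imm8
        imm = code[offset + 1]
        return 2, f"MOV BL,{imm:02X}", ("bl", imm)
    if op == 0xB8:                                   # MOV AX, imm16 (little-endian)
        imm = code[offset + 1] | (code[offset + 2] << 8)
        return 3, f"MOV AX,{imm:04X}", ("ax", imm)
    if op == 0x90:                                   # NOP
        return 1, "NOP", None
    raise ValueError(f"opcode {op:02X} not handled by this toy decoder")


def run_from(code, offset):
    """Decode and 'execute' straight-line code from offset to the buffer end.

    Returns (final_regs, listing); listing holds (offset, hex bytes, mnemonic)
    so the instruction boundaries chosen from this entry point are visible.
    """
    regs = {"ax": None, "bl": None}
    listing = []
    while offset < len(code):
        length, text, effect = decode(code, offset)
        listing.append((offset, code[offset:offset + length].hex().upper(), text))
        if effect:
            regs[effect[0]] = effect[1]
        offset += length
    return regs, listing


def boundaries_from(code, offset):
    """Set of instruction start offsets seen when decoding from this entry."""
    return {off for off, _, _ in run_from(code, offset)[1]}


if __name__ == "__main__":
    for name, off in ENTRY.items():
        regs, listing = run_from(CODE, off)
        print(f"--- entering at {name} (offset {off}) ---")
        for o, raw, text in listing:
            print(f"{o:04X}  {raw:<8} {text}")
        print(f"final: bl={regs['bl']:02X}  ax={regs['ax']:04X}")
```

Running it prints the same three-instruction "garbage into ax" tail that DEBUG showed from Rtn2, and shows that the start offsets from Rtn2 (0, 2, 5, 8) and from Rtn3 (3, 5, 8) disagree at offsets 2 and 3: the same byte belongs to an immediate on one path and to an opcode on the other. That disagreement is the signal a disassembler can flag when it is given all known entry points.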
