Re: Jumping into middle of instruction
- From: "Wolfgang Kern" <spamtrap@xxxxxxxxxx>
- Date: Wed, 27 Feb 2008 01:14:52 +0100
"mybwpp" asked:
Can anyone explain the concept of 'jumping into the middle of
instructions'? Why is it used? Can we hide arbitrary code (I/O
instructions, system calls) by this technique?
Sure, it once was used to confuse brainless disassemblers ...
some compilers may still try to confuse us (with minor success,
because every half-brained disassembler can detect a code path).
..
I can give you one example (out from my early OS attempts):
[called as ext-mem OS PM32 function from RM]
FN_get:                 ; get a byte/word/dword from [ESI] (count in AL)
use32:
        CMP  AL,01
        JA   GET_W_D    ; if I want more than a single byte
        MOV  AL,[ESI]
        RET             ; AL = the byte
GET_W_D:
        CMP  AL,04      ; want four bytes?
        JNZ  L1         ; no: I want just two
L0:
        db   66h        ; with this 66h I get MOV AX,[ESI]
L1:
        MOV  EAX,[ESI]  ; and without it I get EAX, as it says
        RET             ; finally I got AX or EAX from [ESI]
This example hasn't been seen in my OS for a very long time,
and you may see the bug (if AH=0 or not 4) in there ...
but it's just an often-seen example of jumping into code.
xxx0c L0: 66 8b 06   mov ax,[esi]
xxx0d L1:    8b 06   mov eax,[esi]
This stupid (few-byte) function is still in my OS,
but only used in DOS-based demo software.
__
wolfgang
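An added example (my code, not anything from Wolfgang's post or his OS): a tiny C decoder for just the four bytes of the L0/L1 listing above. It shows why a linear-sweep disassembler that starts at L0 never produces an instruction at L1, while one that follows the JNZ L1 target does, which is the check a reverse engineer or a detection tool wants before trusting a listing of such code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed byte image of the post's L0/L1 tail (32-bit code):
 *   +0 (L0): 66 8B 06  mov ax,[esi]      +1 (L1): 8B 06  mov eax,[esi]
 *   +3:      C3        ret               (L1 is L0 without the 66h prefix) */
static const uint8_t code[] = { 0x66, 0x8B, 0x06, 0xC3 };

/* Decode one instruction starting at `off` (must be < sizeof code) into `out`.
 * Only the opcodes in this example are handled; anything else becomes `db`. */
size_t decode_at(size_t off, char *out, size_t outsz)
{
    size_t i = off;
    int opsize16 = (code[i] == 0x66);            /* 66h: operand-size override prefix */
    if (opsize16) i++;
    if (i < sizeof code && code[i] == 0xC3) { snprintf(out, outsz, "ret"); return i + 1 - off; }
    if (i + 1 < sizeof code && code[i] == 0x8B && code[i + 1] == 0x06) {
        /* 8B /r, modrm 06: mod=00, reg=000 ((e)ax), rm=110 ([esi] in 32-bit mode) */
        snprintf(out, outsz, "mov %s,[esi]", opsize16 ? "ax" : "eax");
        return i + 2 - off;
    }
    snprintf(out, outsz, "db 0x%02X", code[off]); /* unknown byte: emit it, keep sweeping */
    return 1;
}

/* Linear sweep from `entry`: 1 if an instruction is decoded exactly at `target`,
 * 0 if the sweep steps over it. From L0 the sweep swallows the 66h prefix and
 * never sees L1; a recursive-descent disassembler following JNZ L1 would.      */
int sweep_visits(size_t entry, size_t target)
{
    char text[32];
    for (size_t off = entry; off < sizeof code; off += decode_at(off, text, sizeof text))
        if (off == target) return 1;
    return 0;
}

int main(void)
{
    char text[32];
    for (size_t entry = 0; entry < 2; entry++) {
        printf("linear sweep from +%zu (%s):\n", entry, entry ? "L1" : "L0");
        for (size_t off = entry, len; off < sizeof code; off += len) {
            len = decode_at(off, text, sizeof text);
            printf("  +%zu: %s\n", off, text);
        }
    }
    return 0;
}
```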