Re: Getting from TJump to TMethod.Code...
- From: "Avatar Zondertau" <avatarzt@xxxxxxxxx (please reply to newsgroup)>
- Date: 30 Jun 2005 12:26:52 -0700
> However, I encountered a problem I'm not quite sure how to tackle.
> Namely, if I wanted to use this technique on another method, I'd
> first need to look up the disassembly of the method and determine
> the instruction at the 5th byte, relative to the start address.
> I need to know where that instruction ends, so that I can:
>
> a.) preserve it in whole
> b.) set a jump to skip it
>
> Is there a way to automate this?
The Intel Architecture Developer's manual is a great source for
information about assembly and machine code. Volume 2 deals with
individual opcodes and has a decoding table too.
Volume 2A is found here; also get 2B which is linked to as well:
http://developer.intel.com/design/pentium4/manuals/253666.htm
BTW if you just want to skip one opcode you can replace it with NOPs
too; they were meant for that purpose. The most common NOP is the
one-byte NOP opcode $90 (which is actually XCHG EAX, EAX). There exist
multi-byte NOPs, which can be more efficient but aren't really needed.
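
An added example, not part of the original post: a minimal length decoder in C that answers the quoted question of where the instruction covering the 5th byte ends. It assumes 32-bit code and recognises only a handful of opcodes common in prologues; the names `insn_len` and `patch_span` are hypothetical, and a -1 result means the bytes must be decoded with the full tables in Volume 2 instead.

```c
#include <stddef.h>
#include <stdint.h>
/* Constructed sample: push ebp; mov ebp,esp; add esp,-8; push ebx */
static const uint8_t sample_prologue[] = { 0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF8, 0x53 };

/* Bytes used by ModRM plus any SIB and displacement (32-bit addressing). */
static int modrm_len(const uint8_t *p, size_t avail) {
    if (avail < 1) return -1;
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    if (mod == 3) return 1;                         /* register operand */
    int len = 1;
    if (rm == 4) {                                  /* SIB byte follows */
        if (avail < 2) return -1;
        len++;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;  /* disp32, no base */
    }
    if (mod == 0 && rm == 5) len += 4;              /* bare disp32 */
    len += (mod == 1) ? 1 : (mod == 2) ? 4 : 0;     /* disp8 / disp32 */
    return len;
}

/* Length of one instruction, or -1 outside this small subset. Prefixes,
   two-byte opcodes and relative branches are refused on purpose. */
int insn_len(const uint8_t *p, size_t avail) {
    if (avail < 1) return -1;
    uint8_t op = p[0];
    int imm;
    if ((op >= 0x50 && op <= 0x5F) || op == 0x90) return 1; /* push/pop r32, nop */
    if ((op >= 0xB8 && op <= 0xBF) || op == 0x68) return 5; /* mov r32,imm32; push imm32 */
    if (op == 0x6A) return 2;                               /* push imm8 */
    if (op == 0x83) imm = 1;                                /* group 1 r/m32, imm8 */
    else if (op == 0x81) imm = 4;                           /* group 1 r/m32, imm32 */
    else if (op == 0x89 || op == 0x8B || op == 0x8D ||      /* mov, lea */
             op == 0x31 || op == 0x33 || op == 0x85) imm = 0; /* xor, test */
    else return -1;
    int m = modrm_len(p + 1, avail - 1);
    return m < 0 ? -1 : 1 + m + imm;
}

/* Smallest span >= need that ends on an instruction boundary, or -1. */
int patch_span(const uint8_t *code, size_t avail, size_t need) {
    size_t off = 0;
    while (off < need) {
        int n = insn_len(code + off, avail - off);
        if (n < 0 || off + (size_t)n > avail) return -1;
        off += (size_t)n;
    }
    return (int)off;
}
```

For the constructed prologue, `patch_span(sample_prologue, sizeof sample_prologue, 5)` returns 6: the 5th byte falls inside the three-byte `add esp,-8`, so six bytes have to be preserved as a unit.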