
I am trying to reverse engineer some assembly code into C. I have the following bit of assembly code that I am trying to decipher:

    lea 0x1(%rbx), %eax
    add 0x0(%rbp, %rbx, 4), %eax
    cmp %eax, 0x4(%rbp, %rbx, 4)

And my interpretation line by line is as follows:

  • %eax = %rbx + 1
  • %eax = %rbp + 4*%rbx + 0
  • Compare %eax to %rbp + 4*%rbx + 4

I know that the first three of six iterations yield 1, 2, 4 respectively, but I can't figure out what formula is yielding those values. Can someone please tell me how I went wrong in deciphering this?

1 Answer


You have to see that the second and third lines contain memory accesses, and the result depends on the values that are stored there.

The code could be roughly translated to C by the following:

    unsigned char *rbp;                          /* byte pointer: offsets are in bytes */
    eax = ebx + 1;                               /* lea 0x1(%rbx),%eax: no memory access */
    eax += *(uint32_t *)(rbp + rbx*4);           /* 0x0(%rbp,%rbx,4): 4-byte load */
    if (eax XXX *(uint32_t *)(rbp + rbx*4 + 4))  /* 0x4(%rbp,%rbx,4): 4-byte load */
        ...

(with XXX the comparison operator, depends on the jmp instruction after the cmp)

or if you want to consider rbp a long array (which makes sense from the assembly)

    uint32_t *rbp;                 /* 4-byte elements, matching the scale factor 4 */
    eax = ebx + 1;
    eax += rbp[rbx];               /* 0x0(%rbp,%rbx,4) */
    if (eax XXX rbp[rbx+1])        /* 0x4(%rbp,%rbx,4) */
        ...

(with XXX the comparison operator, depends on the jmp instruction after the cmp)
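As an added illustration (not part of the question or the answer above), this C program emulates the three instructions over a constructed array of 4-byte elements, separating the effective-address arithmetic that `lea` stores from the memory loads that `add` and `cmp` perform. The array contents are made up here; they are one of many that make the first three iterations produce 1, 2, 4.

```c
#include <stdint.h>
#include <stdio.h>

/* Effective address of an AT&T operand disp(base,index,scale).
   lea stores this number; add/cmp with a memory operand load from it. */
static uintptr_t effective_address(uintptr_t base, uintptr_t index,
                                   unsigned scale, intptr_t disp) {
    return base + index * scale + disp;
}

/* One pass over the three instructions; rbp points at 4-byte elements
   (scale factor 4). Returns the final %eax. */
static uint32_t step_eax(const uint32_t *rbp, uint64_t rbx) {
    uint32_t eax = (uint32_t)(rbx + 1);          /* lea 0x1(%rbx),%eax: pure arithmetic */
    const uint32_t *p = (const uint32_t *)effective_address(
        (uintptr_t)rbp, rbx, 4, 0);              /* 0x0(%rbp,%rbx,4) */
    eax += *p;                                   /* add: this one reads memory */
    return eax;
}

/* cmp %eax, 0x4(%rbp,%rbx,4) computes mem - eax and sets the flags.
   Returns <0, 0 or >0 as a signed comparison of mem against eax,
   which is what a following jl/je/jg would test. */
static int step_cmp(const uint32_t *rbp, uint64_t rbx) {
    int32_t eax = (int32_t)step_eax(rbp, rbx);
    const int32_t *q = (const int32_t *)effective_address(
        (uintptr_t)rbp, rbx, 4, 4);              /* 0x4(%rbp,%rbx,4) == &rbp[rbx+1] */
    return (*q > eax) - (*q < eax);
}

/* Constructed sample data (not from the original program): with these
   values the first three iterations give eax = 1, 2, 4, so the observed
   sequence comes from memory contents, not from a register-only formula. */
static const uint32_t sample[7] = {0, 0, 1, 3, 8, 2, 9};

int main(void) {
    for (uint64_t rbx = 0; rbx < 6; rbx++)
        printf("rbx=%llu eax=%u cmp=%d\n", (unsigned long long)rbx,
               step_eax(sample, rbx), step_cmp(sample, rbx));
    return 0;
}
```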