3

I have the following line in x86 Assembly language that I don't know what it does...

cmp %eax,0x80498d4(,%ebx,4) 

I know it's comparing the two halves of the statement but I don't know what the address does in it and what the parentheses do either. Some clarification would be much appreciated!

1

2 Answers

6

In AT&T syntax this form represents

OFFSET(BASE REGISTER, INDEX REGISTER, INDEX SCALE) 

so the address represented is the value of BASE REGISTER (if present) + INDEX * SCALE (if present) + OFFSET, so

EBX*4 + 0x80498d4 in your case.


5 Comments

Ebx in this case is 1 and the other address is -1 so in this case it should be 3 but unfortunately it's not working.
What do you mean the other address? If ebx is 1, then the effective address here is 0x80498d8. The value in eax is compared to the value at that address.
@Konnor: what exactly do you mean with "it's not working"? Be precise, i.e. do you get an error message, and if so, what exactly is it, or does nothing happen, or what? If nothing happens, what exactly do you expect to happen? I assume there is more assembler code. Post a little more of it (exactly, i.e. copied and pasted).
Apologies for not being more clear, this is a binary bomb program so this is the line that basically determines whether the bomb detonates or not, which I've traced to. So the user input goes into %eax, and I need this compare command to result in a zero flag being set. So I'm confused how it all works because 0x80498d4 has the value of 0xffffffff, so -1 in 2's complement, so I just need to find out how this statement truly works so I can defuse the bomb. I hope this makes it more clear on what I'm trying to achieve.
Actually, @500-InternalServerError I just noticed your comment and it worked! Thanks guys!
3

That is AT&T syntax:

cmp %eax,0x80498d4(,%ebx,4) 

The equivalent in Intel syntax is:

cmp [080498D4H + EBX*4],EAX 

It means that it compares the DWORD content at the address [0x80498D4 + 4*EBX] with the content of the EAX register and sets the processor flags as if these two values were subtracted from each other. After that, you can use these flags to do, for instance, a conditional jump.
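The address calculation and flag result described in the two answers above, modelled in C as an added example that is not part of the original posts. The function names are hypothetical, and the table contents are constructed except for the 0xffffffff at 0x80498d4 mentioned in the comments.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* AT&T memory operand disp(base,index,scale):
   address = disp + base + index*scale, wrapping at 32 bits. */
static uint32_t effective_address(uint32_t disp, uint32_t base,
                                  uint32_t index, uint32_t scale)
{
    return disp + base + index * scale;
}

/* Flags written by a 32-bit cmp: it computes dst - src and keeps only the flags. */
struct flags { int zf, sf, cf, of; };

static struct flags cmp32(uint32_t dst, uint32_t src)
{
    uint32_t res = dst - src;
    struct flags f;
    f.zf = (res == 0);                               /* operands equal */
    f.sf = (res >> 31) & 1;                          /* sign bit of the difference */
    f.cf = (dst < src);                              /* unsigned borrow */
    f.of = (((dst ^ src) & (dst ^ res)) >> 31) & 1;  /* signed overflow */
    return f;
}

/* Constructed stand-in for the dwords at 0x80498d4; only entry 0 comes from the page. */
#define TABLE_BASE 0x80498d4u
#define TABLE_LEN  3u
static const uint32_t table[TABLE_LEN] = { 0xffffffffu, 0x0000002au, 0x00000007u };

/* Models: cmp %eax,0x80498d4(,%ebx,4)   i.e. flags of (memory dword) - eax */
static struct flags cmp_table_entry(uint32_t eax, uint32_t ebx)
{
    assert(ebx < TABLE_LEN);                         /* stay inside the sample table */
    uint32_t addr = effective_address(TABLE_BASE, 0, ebx, 4);
    uint32_t mem = table[(addr - TABLE_BASE) / 4];
    return cmp32(mem, eax);
}

int main(void)
{
    for (uint32_t ebx = 0; ebx < TABLE_LEN; ebx++) {
        uint32_t addr = effective_address(TABLE_BASE, 0, ebx, 4);
        struct flags f = cmp_table_entry(0x2a, ebx);
        printf("ebx=%u addr=0x%08x ZF=%d SF=%d CF=%d OF=%d\n",
               (unsigned)ebx, (unsigned)addr, f.zf, f.sf, f.cf, f.of);
    }
    return 0;
}
```

ZF is the same whichever operand is treated as the destination, but SF, CF and OF follow the memory-minus-register order, which matters when the instruction after the cmp is a signed or unsigned conditional jump rather than je/jne.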
