This page covers x86 opcode encoding: how to handle the SIB (Scale-Index-Base) byte. It may be a useful reference for anyone who runs into the same problem while writing a disassembler.

Problem description

I'm currently trying to write a disassembler. I found the following list of opcodes and their meanings, so I decided to parse it at runtime: http://web.archive.org/web/20150810224114/http://mprolab.teipir.gr/vivlio80X86/pentium.txt

But I am stuck at the opcode 0x00: it is followed by a reg/mod byte. Parsing it was not much of a problem for me.

But I'm having trouble with the Scale-Index-Base byte: if you actually specify esp as the index register, it actually means that there is no index register.

The same applies for the base register with ebp. But I've tried it with the C++ inline assembler, and it is possible to compile:

    add [ebp*2+ebp], cl

So how can ebp be used as base register when using ebp as base register actually means using no base register at all!?

Recommended answer

The "missing EBP" case applies only when the ModR/M.Mod field has the value 00 binary. If you need EBP as a base, the assembler changes Mod to 01 binary and adds an 8-bit displacement with the value zero:

    004C6D00    add [ebp+ebp*2], cl
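To make the rule concrete, here is an added example in C (my own code, not from the original question or answer): a decoder for the 32-bit ModR/M + SIB + displacement form of opcode 00 /r (ADD r/m8, r8). It reads the answer's 004C6D00 as the four encoded bytes 00 4C 6D 00: opcode 00, ModR/M 4C (mod 01, reg cl, rm 100 = SIB follows), SIB 6D (scale 2, index ebp, base ebp) and the zero disp8. It also decodes the mod 00 form of the same SIB byte, where base 101 means "no base, disp32 follows", and the SIB index 100 case that means "no index". The byte sequences are constructed for this example, and the type and function names (modrm_t, decode_modrm32, decode_add_rm8_r8, decodes_to) are mine, not from any library.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Register names indexed by the 3-bit reg/rm/base/index fields. */
static const char *reg32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};
static const char *reg8[8]  = {"al","cl","dl","bl","ah","ch","dh","bh"};

typedef struct {
    int mod, reg, rm;                 /* raw ModR/M fields */
    int has_sib, scale, index, base;  /* SIB fields, valid when has_sib != 0 */
    int32_t disp;                     /* sign-extended displacement (0 if none) */
    size_t len;                       /* bytes consumed: ModR/M + SIB + displacement */
    char text[48];                    /* rendered r/m operand, e.g. "[ebp+ebp*2+0x0]" */
} modrm_t;

/* Decode the ModR/M byte at p (32-bit addressing, no prefixes). Returns 0 on
 * success, -1 if the buffer is too short. The two special cases from the thread:
 *   - SIB.index == 100 (esp) means "no index register";
 *   - SIB.base == 101 (ebp) with mod == 00 means "no base, disp32 follows".
 * An assembler that wants ebp as a base therefore emits mod == 01 plus disp8 = 0. */
int decode_modrm32(const uint8_t *p, size_t n, modrm_t *m)
{
    memset(m, 0, sizeof *m);
    if (n < 1) return -1;
    m->mod = p[0] >> 6;
    m->reg = (p[0] >> 3) & 7;
    m->rm  = p[0] & 7;
    size_t pos = 1;

    if (m->mod == 3) {                /* register-direct: no memory operand */
        m->len = pos;
        snprintf(m->text, sizeof m->text, "%s", reg32[m->rm]);
        return 0;
    }

    const char *base = NULL, *index = NULL;
    int disp_size = 0;                /* 0, 1 or 4 bytes */

    if (m->rm == 4) {                 /* rm == 100: a SIB byte follows */
        if (n < 2) return -1;
        uint8_t sib = p[1];
        pos = 2;
        m->has_sib = 1;
        m->scale = 1 << (sib >> 6);
        m->index = (sib >> 3) & 7;
        m->base  = sib & 7;
        if (m->index != 4) index = reg32[m->index];     /* index 100 = none */
        if (m->base == 5 && m->mod == 0) disp_size = 4;  /* base 101 + mod 00 = no base */
        else base = reg32[m->base];
    } else if (m->rm == 5 && m->mod == 0) {
        disp_size = 4;                /* [disp32], no base register at all */
    } else {
        base = reg32[m->rm];
    }
    if (m->mod == 1) disp_size = 1;
    else if (m->mod == 2) disp_size = 4;

    if (n < pos + disp_size) return -1;
    if (disp_size == 1) {
        m->disp = (int8_t)p[pos];
    } else if (disp_size == 4) {
        m->disp = (int32_t)((uint32_t)p[pos] | (uint32_t)p[pos+1] << 8 |
                            (uint32_t)p[pos+2] << 16 | (uint32_t)p[pos+3] << 24);
    }
    pos += disp_size;
    m->len = pos;

    /* Render in Intel syntax; a displacement that was encoded is always shown,
     * even when zero, so the assembler's mod 01 + disp8 0 trick stays visible. */
    size_t k = (size_t)snprintf(m->text, sizeof m->text, "[");
    if (base)  k += (size_t)snprintf(m->text + k, sizeof m->text - k, "%s", base);
    if (index) k += (size_t)snprintf(m->text + k, sizeof m->text - k, "%s%s*%d",
                                     base ? "+" : "", index, m->scale);
    if (disp_size) {
        if (!base && !index)
            k += (size_t)snprintf(m->text + k, sizeof m->text - k, "0x%x", (uint32_t)m->disp);
        else if (m->disp < 0)
            k += (size_t)snprintf(m->text + k, sizeof m->text - k, "-0x%x", 0u - (uint32_t)m->disp);
        else
            k += (size_t)snprintf(m->text + k, sizeof m->text - k, "+0x%x", (uint32_t)m->disp);
    }
    snprintf(m->text + k, sizeof m->text - k, "]");
    return 0;
}

/* Decode opcode 00 /r (ADD r/m8, r8) at p. Writes Intel-syntax text to out and
 * returns the instruction length in bytes, or 0 if it cannot be decoded. */
size_t decode_add_rm8_r8(const uint8_t *p, size_t n, char *out, size_t outsz)
{
    modrm_t m;
    if (n < 2 || p[0] != 0x00 || decode_modrm32(p + 1, n - 1, &m) != 0) return 0;
    const char *dst = (m.mod == 3) ? reg8[m.rm] : m.text;
    snprintf(out, outsz, "add %s, %s", dst, reg8[m.reg]);
    return 1 + m.len;
}

/* Helper: 1 if the bytes decode to exactly the expected text and length. */
int decodes_to(const uint8_t *p, size_t n, const char *expect, size_t expect_len)
{
    char buf[64] = "";
    size_t len = decode_add_rm8_r8(p, n, buf, sizeof buf);
    return len == expect_len && strcmp(buf, expect) == 0;
}

int main(void)
{
    /* Constructed byte sequences (not from the original page). */
    static const uint8_t ebp_base[] = {0x00, 0x4C, 0x6D, 0x00};                    /* the answer's 004C6D00 */
    static const uint8_t no_base[]  = {0x00, 0x0C, 0x6D, 0x00, 0x00, 0x00, 0x00};  /* same SIB, mod 00 */
    static const uint8_t no_index[] = {0x00, 0x04, 0x24};                          /* SIB index 100 */
    static const uint8_t neg_disp[] = {0x00, 0x45, 0xF8};
    static const uint8_t abs_addr[] = {0x00, 0x05, 0x78, 0x56, 0x34, 0x12};
    static const uint8_t reg_only[] = {0x00, 0xC8};
    const uint8_t *cases[] = {ebp_base, no_base, no_index, neg_disp, abs_addr, reg_only};
    size_t sizes[] = {sizeof ebp_base, sizeof no_base, sizeof no_index,
                      sizeof neg_disp, sizeof abs_addr, sizeof reg_only};
    for (size_t i = 0; i < 6; i++) {
        char buf[64];
        size_t len = decode_add_rm8_r8(cases[i], sizes[i], buf, sizeof buf);
        printf("%-26s (%zu bytes)\n", len ? buf : "<undecodable>", len);
    }
    return 0;
}
```

The first two cases are the heart of the answer: with mod 01 the bytes 00 4C 6D 00 give [ebp+ebp*2] plus an explicit zero disp8, while the same SIB byte under mod 00 (00 0C 6D followed by a disp32) has no base register at all and decodes to [ebp*2+disp32]. A disassembler that forgets either rule will mis-size the instruction and desynchronise on everything that follows.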
