I am attempting to learn debugging in x86 assembly and am trying to debug my simple C program. However, I am confused as to how large values (like strings) are stored in memory. For example, lets say I store the string VEQ9SZ9T8I62ZCIWE6RKZDE6AZSI2 at address 0012E965 in register EBX and I look at the hex dump at that address, how do I know where it ends? Say I didn’t have a nice ASCII string stored at that location, how would I know where the hex dump ended for that particular address? As you can see, I am quite a beginner at assembly so I thank everyone for his/her patience and help.
Share
It’s mostly a matter of interpretation. How a string (or any data in memory) is interpreted is (not surprisingly) defined by some code which interprets it. From just looking at a hex dump of data you cannot say which method was used to create the string, but chances are, that a common method was used. Null-terminated strings are easily recognized by a tailing zero, some strings may be prepended by it’s length in bytes or chars. It’s also possible that the size is not encoded in data memory but was put in as an immediate value inside the program.