The FWORD data type is defined as 6 bytes, so how is it translated to a 32-bit virtual address in the jmp instruction:
jmp FWORD PTR [eax-0x67]
?…
When you jump to an FWORD PTR, what you’re doing is a “far jump”: the memory being pointed at contains a 16-bit “selector” (which refers to a segment entry in either the GDT or LDT) and a 32-bit offset from the beginning of the segment the selector refers to. The segment descriptor contains data about the segment, of course, including where in memory it starts.
During the jump, the CPU does some privilege checks to make sure the selector is valid and permitted (there are privilege levels and segment types and such involved), then it effectively loads the first 16 bits into CS and the rest into EIP. From then on, code addresses effectively get the CS segment’s base address added to them to turn them into virtual addresses.
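As an added illustration of what the answer above describes (this is example code, not part of the original post), here is a small C model of how the CPU consumes the 6 bytes at [eax-0x67]: it splits the FWORD into its 32-bit offset (bytes 0..3) and 16-bit selector (bytes 4..5), indexes the GDT with the selector, applies the presence, type and privilege checks a far JMP performs, and adds the descriptor base to the offset. The resulting value is the linear address (paging, if enabled, maps that further). The far pointer and the 3-entry GDT are constructed for the example, and LDT lookup is deliberately not modelled.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Layout of a 6-byte FWORD far pointer in memory (little-endian x86):
 * bytes 0..3 = 32-bit offset, bytes 4..5 = 16-bit segment selector. */
typedef struct { uint32_t offset; uint16_t selector; } far_ptr32;

far_ptr32 parse_fword(const uint8_t *mem) {
    far_ptr32 fp;
    fp.offset = (uint32_t)mem[0] | ((uint32_t)mem[1] << 8) |
                ((uint32_t)mem[2] << 16) | ((uint32_t)mem[3] << 24);
    fp.selector = (uint16_t)(mem[4] | (mem[5] << 8));
    return fp;
}

/* Selector bit layout: index (bits 15..3), TI (bit 2: 0 = GDT, 1 = LDT), RPL (bits 1..0). */
uint16_t sel_index(uint16_t sel) { return (uint16_t)(sel >> 3); }
uint8_t  sel_ti(uint16_t sel)    { return (uint8_t)((sel >> 2) & 1); }
uint8_t  sel_rpl(uint16_t sel)   { return (uint8_t)(sel & 3); }

/* Fields of an 8-byte segment descriptor. The 32-bit base is scattered over
 * bytes 2, 3, 4 and 7; the 20-bit limit over bytes 0, 1 and the low nibble of byte 6. */
uint32_t desc_base(const uint8_t *d) {
    return (uint32_t)d[2] | ((uint32_t)d[3] << 8) | ((uint32_t)d[4] << 16) | ((uint32_t)d[7] << 24);
}
uint32_t desc_limit(const uint8_t *d) {
    uint32_t limit = (uint32_t)d[0] | ((uint32_t)d[1] << 8) | ((uint32_t)(d[6] & 0x0F) << 16);
    if (d[6] & 0x80)                     /* G bit set: limit is counted in 4 KiB pages */
        limit = (limit << 12) | 0xFFF;
    return limit;
}

/* Resolve the target of "jmp FWORD PTR [mem]" against a GDT, applying the
 * checks the CPU performs for a far JMP into a code segment. Returns the
 * 32-bit linear address, or -1 if the jump would fault (#GP / #NP). */
int64_t resolve_far_jump(const uint8_t *mem, const uint8_t *gdt, size_t gdt_entries, uint8_t cpl) {
    far_ptr32 fp = parse_fword(mem);
    uint16_t sel = fp.selector;

    if (sel_ti(sel) != 0) return -1;                                      /* LDT not modelled here */
    if (sel_index(sel) == 0 || sel_index(sel) >= gdt_entries) return -1;  /* null selector or beyond GDT */

    const uint8_t *d = gdt + sel_index(sel) * 8;
    uint8_t access = d[5];
    uint8_t dpl = (access >> 5) & 3;
    if (!(access & 0x80)) return -1;                      /* P=0: segment not present */
    if (!(access & 0x10) || !(access & 0x08)) return -1;  /* not a code segment (needs S=1, E=1) */
    if (access & 0x04) {                                  /* conforming code: DPL <= CPL */
        if (dpl > cpl) return -1;
    } else {                                              /* non-conforming: RPL <= DPL and CPL == DPL */
        if (sel_rpl(sel) > dpl || cpl != dpl) return -1;
    }
    if (fp.offset > desc_limit(d)) return -1;             /* new EIP would lie outside the segment */

    uint32_t linear = desc_base(d) + fp.offset;           /* linear = segment base + offset (wraps at 32 bits) */
    return (int64_t)linear;
}

/* Constructed sample data: the 6 bytes found at [eax-0x67] and a 3-entry GDT. */
const uint8_t sample_fword[6]      = { 0x00, 0x10, 0x40, 0x00, 0x08, 0x00 }; /* offset 0x00401000, selector 0x0008 (index 1, GDT, RPL 0) */
const uint8_t sample_fword_rpl3[6] = { 0x00, 0x10, 0x40, 0x00, 0x0B, 0x00 }; /* same offset, selector 0x000B (index 1, RPL 3) */
const uint8_t sample_fword_data[6] = { 0x00, 0x10, 0x40, 0x00, 0x10, 0x00 }; /* same offset, selector 0x0010 (index 2: data segment) */
const uint8_t sample_gdt[3 * 8] = {
    0,0,0,0,0,0,0,0,                                  /* 0: null descriptor */
    0xFF,0xFF,0x00,0x00,0x00,0x9A,0xCF,0x10,          /* 1: code, base 0x10000000, limit 4 GiB, DPL 0, non-conforming */
    0xFF,0xFF,0x00,0x00,0x00,0x92,0xCF,0x00,          /* 2: data, base 0, DPL 0 (a far JMP here must fault) */
};

int main(void) {
    int64_t lin = resolve_far_jump(sample_fword, sample_gdt, 3, 0);
    printf("jmp FWORD PTR target: selector 0x%04x, offset 0x%08x -> linear 0x%08llx\n",
           parse_fword(sample_fword).selector, parse_fword(sample_fword).offset, (long long)lin);
    printf("RPL 3 selector from CPL 0: %s\n", resolve_far_jump(sample_fword_rpl3, sample_gdt, 3, 0) < 0 ? "#GP" : "ok");
    printf("selector of a data segment: %s\n", resolve_far_jump(sample_fword_data, sample_gdt, 3, 0) < 0 ? "#GP" : "ok");
    return 0;
}
```

With a flat code segment (base 0), as most 32-bit operating systems set up, the linear address equals the offset, which is why the far jump's 32-bit half is what ends up looking like the "virtual address" in a debugger; the example uses a nonzero base so the addition is visible.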