.text:6F6721BB lea esi, [eax+9]
.text:6F6721BE neg esi
.text:6F6721C0 xor ebx, ebx
.text:6F6721C2 and esi, 3Fh
If I am not mistaken, the first line should set esi to the offset (eax+9). What, then, is the point of inverting a pointer?
eax isnt' necessarely a pointer. Using a lea is an optimized way of adding 2 variables and storing them somewhere else.
It's basically, esi = ~(eax + 9);
Ah, thanks.
[edit].text:6F6721F9 lea esp, [esp+0]
Uh, esp = esp + 0?
yes, actually.. that load the address of [esp] into esp .. I don't know why it would do that, unless I was horribly mistaken
Well, I should say esp = &(*(esp+0));
Quote from: iago on September 17, 2003, 07:32 PM
yes, actually.. that load the address of [esp] into esp .. I don't know why it would do that, unless I was horribly mistaken
That is a fairly common "large nop" when the compiler has a specific amount of bytes it wants to fill with do-nothing code with as minimal of a performance impact as possible. Typical reasons for this are aligning a code segment that the compiler thinks will be used a good deal.