flat assembler
Message board for the users of flat assembler.

Index > Main > Doubt with TEST instruction

Author
Thread Post new topic Reply to topic
Cthulhu



Joined: 12 May 2005
Posts: 29
Cthulhu 28 Mar 2008, 11:24
Hello people!
I'm converting a piece of software from assembly to C++ and I found something that is confusing me although it must be a very basic doubt.

Code:
test    edi, 3
jnz     short some_func
    


EDI points to the following buffer:

Code:
004036D0 >00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    


I think I understood the TEST instruction incorrectly, because I thought the code above would check if the third bit was set, if not it would jump to some_func, but in my case the jnz instruction is not executed and EDI points to an empty buffer.

Can someone explain it to me?
Thanks in advance!
Cthulhu
Post 28 Mar 2008, 11:24
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20423
Location: In your JS exploiting you and your system
revolution 28 Mar 2008, 11:31
TEST is just a binary AND of the two operands. FLAGS = (EDI AND 0x00000003). Check out the Intel/AMD manuals for details on all the instructions. If you haven't yet downloaded the manuals check out my website, all the details are there.
Post 28 Mar 2008, 11:31
View user's profile Send private message Visit poster's website Reply with quote
DJ Mauretto



Joined: 14 Mar 2007
Posts: 464
Location: Rome,Italy
DJ Mauretto 28 Mar 2008, 11:32
Hello Very Happy
Code:
test    edi, 3                      ; EDI AND 11B
jnz     short some_func       ; Jump if bit0 or bit1 are set Smile    
Post 28 Mar 2008, 11:32
View user's profile Send private message Reply with quote
Cthulhu



Joined: 12 May 2005
Posts: 29
Cthulhu 28 Mar 2008, 11:37
DJ Mauretto wrote:
Hello Very Happy [code]
test edi, 3 ; EDI AND 11B
jnz short some_func ; Jump if bit0 or bit1 are set Smile [\code]


Hi DJ Mauretto!
I understood that from the Intel Manual but what is confusing me is that EDI points to 0x00000000 so the bits 0 and 1 are not set, aren't they? So why ze zero flag was set?
Post 28 Mar 2008, 11:37
View user's profile Send private message Reply with quote
DJ Mauretto



Joined: 14 Mar 2007
Posts: 464
Location: Rome,Italy
DJ Mauretto 28 Mar 2008, 11:43
Code:
EDI = 0
TEST EDI,3 = 0 AND 3 = 0 = Zero Flag Set 
JNZ short and so on.... NO JUMP because is Zero Smile    
Post 28 Mar 2008, 11:43
View user's profile Send private message Reply with quote
Cthulhu



Joined: 12 May 2005
Posts: 29
Cthulhu 28 Mar 2008, 11:46
DJ Mauretto wrote:
Code:
EDI = 0
TEST EDI,3 = 0 AND 3 = 0 = Zero Flag Set 
JNZ short and so on.... NO JUMP because is Zero Smile    


Now I understand it! Very Happy
Thanks friend!
Post 28 Mar 2008, 11:46
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20423
Location: In your JS exploiting you and your system
revolution 28 Mar 2008, 11:50
Cthulhu wrote:
... what is confusing me is that EDI points to 0x00000000 so the bits 0 and 1 are not set, aren't they? So why ze zero flag was set?
It does not matter what EDI points to, because it takes the value of EDI directly (in this case EDI=0x004036D0, so you get 0x004036D0 AND 0x00000003).

If you want to test the memory address pointed to by EDI use any of these:
Code:
test dword[edi],3
test word[edi],3
test byte[edi],3    
Post 28 Mar 2008, 11:50
View user's profile Send private message Visit poster's website Reply with quote
Cthulhu



Joined: 12 May 2005
Posts: 29
Cthulhu 28 Mar 2008, 12:10
Thanks a lot revolution and DJ Mauretto!
Post 28 Mar 2008, 12:10
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP 28 Mar 2008, 21:20
Code:
; C-Style

If (edi % 4 == 0)
; code
Else
; here's the jump destination
    

Is equal to this in ASM:
Code:
test edi,3
jnz .end
; code
.end: ; here's the jump dest.
    

It's in Intel Optimization Manual, I use it for conditional jumping with power-of-two operand.
Post 28 Mar 2008, 21:20
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.