flat assembler
Message board for the users of flat assembler.

I don't understand this (the $ symbol)
Moodyk9
Joined: 01 May 2014
Posts: 1
Quote:

There are also some special symbols that can be used inside the numerical expression. First is $, which is always equal to the value of current offset,

I don't understand this. I tried to look at it in OllyDbg, but when I try to pinpoint it using a message box it gives me the address of something that doesn't exist. Can somebody explain, please?
Post 01 May 2014, 19:04
badc0de02
Joined: 25 Nov 2013
Posts: 216
Location: %x
$ = current offset

jmp $

is the same as (loop forever)

x: jmp x
Post 01 May 2014, 19:46
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17284
Location: In your JS exploiting you and your system
You can think of $ as always equalling {E|R}IP.
Post 02 May 2014, 02:25
Bargest
Joined: 09 Feb 2012
Posts: 79
Location: Russia
revolution wrote:
You can think of $ as always equalling {E|R}IP.

Not EIP, but EIP minus the size of the current command, because
Code:
jmp $

is equal to
Code:
label: jmp label

But at this point EIP is equal to the address of the next command. And this code will compile as 0xEB 0xFE, which means "jump -2".

_________________
jmp $ ; Happy end!
Post 02 May 2014, 14:58
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17284
Location: In your JS exploiting you and your system
Sure. But that is merely an implementation issue of the x86. Other CPUs can do different things. At the assembly level $ is the same as IP in the logical sense of being the address of the current instruction.
Post 02 May 2014, 15:35
shutdownall
Joined: 02 Apr 2010
Posts: 518
Location: Munich
revolution wrote:
You can think of $ as always equalling {E|R}IP.

Well, it depends on the type of segment.
If you create a data segment (no execute), it wouldn't be suitable to compare it with the actual position of IP. Or when using segmented addresses in real mode.
Post 03 May 2014, 17:00
badc0de02
Joined: 25 Nov 2013
Posts: 216
Location: %x
$ = current offset
$$ = offset of the beginning of your code

Code:
org 0x7c00
boot: jmp boot ; loop
times 512-($-$$) db 0 ; times 512-((0x7c00+2)-0x7c00)
Post 04 May 2014, 08:24
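An added example (not code from the thread or from fasm itself): a small Python model of the location counter, showing why $ is the address of the instruction being assembled, why jmp $ becomes EB FE when the CPU resolves the displacement against the next instruction, and how the times 512-($-$$) line from the post above pads the sector. The Asm class, its method names and the short_jump_target helper are constructed for this illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Asm:  # minimal location-counter model (constructed, not fasm's code)
    org: int = 0                                   # value set by 'org'
    out: bytearray = field(default_factory=bytearray)
    labels: dict = field(default_factory=dict)

    @property
    def dollar(self) -> int:
        # $ : address of the instruction currently being assembled
        return self.org + len(self.out)

    @property
    def dollar2(self) -> int:
        # $$ : address where the current code (the org) begins
        return self.org

    def label(self, name: str) -> None:
        self.labels[name] = self.dollar

    def jmp_short(self, target: int) -> None:
        # EB rel8: the CPU adds rel8 to EIP, and EIP already points past
        # this 2-byte instruction, so the displacement is target - ($ + 2).
        rel = target - (self.dollar + 2)
        if not -128 <= rel <= 127:
            raise ValueError("short jump out of range")
        self.out += bytes([0xEB, rel & 0xFF])

    def times_db(self, count: int, value: int = 0) -> None:
        if count < 0:
            raise ValueError("negative count: code is larger than the target size")
        self.out += bytes([value]) * count

def boot_sector() -> bytes:
    """org 0x7c00 / boot: jmp boot / times 512-($-$$) db 0"""
    a = Asm(org=0x7C00)
    a.label("boot")
    a.jmp_short(a.labels["boot"])              # same bytes as 'jmp $'
    a.times_db(512 - (a.dollar - a.dollar2))   # pad to a full 512-byte sector
    return bytes(a.out)

def short_jump_target(code: bytes, eip_of_next: int) -> int:
    """Resolve an EB rel8 the way the CPU does: relative to the next instruction."""
    assert code[0] == 0xEB
    rel = code[1] - 256 if code[1] > 127 else code[1]
    return eip_of_next + rel
```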
Copyright © 1999-2020, Tomasz Grysztar.