5.0 pseudo code
The pseudo code is to the processor's instruction, which is actually the readable version of the original hexadecimal code. Therefore, assembly is the lowest programming language. All things in the assembly are directly translated into hexadecimal code. In other words, you didn't translate advanced languages as a worries on the compiler of low-level languages, and the assembler only converts assembly code into raw data.
This chapter will discuss some pseudo codes used to operate, bit operations. There is also a jump instruction, and more other pseudo codes are described later.
3. 1 Some basic calculation pseudo code
MOV
This instruction is used to move one place (in fact copying) another place. This place can be a register, a memory address, or a direct value (of course, can only be used as the source value). The syntax of the MOV instruction is:
MOV target, source
You can move a register to another (note that the instruction is in the value of the value to the target, although the name "MOV" is the meaning of the move)
MOV EDX, ECX
The above instructions copies the contents of ECX to ECX, and the sizes of the source and target should be consistent. For example, this instruction is illegal:
MOV Al, ECX; illegal
This pseudo code attempts to load a DWORD (32-bit) value into a byte (8-bit) register. This cannot be done by the MOV directive (there are other instructions do this). But these instructions are allowed because there is no difference between the source and the target:
MOV Al, BLMOV CL, DLMOV CX, DXMOV ECX, EBX
The memory address is indicated by the OFFSET (in Win32, more information in the previous chapter) You can also get a value from a certain place of the address and put it in a register. Here's an example:
Offset
34
35
36
37
38
39
3A
3B
3C
3D
3E
3F
40
41
42
Data
0D
0A
50
32
44
57
25
7A
5E
72
EF
7D
FF
AD
C7
Every block represents a byte
The value of Offset is expressed here in the form of bytes, but it is actually a 32-bit value, such as 3A (this is not a common version of OFFSET, but if you don't do this, you can't install it), this is also a 32-bit Value: 0000003AH. Just saving space, use some uncommon low OFFSET. All values are 16 envelopes.
Offset 3a looking at the table. The data of the OFFSET is 25, 7a, 5e, 72, ef, etc. For example, to put this value of 3A with MOV into the register:
MOV Eax, DWORD PTR [0000003AH]
(H suffix shows this is a hexadecimal value)
MOV EAX, DWORD PTR [0000003AH] This instruction means: put the value of the DWORD size of the memory address 3a in the EAX register. After the instruction is executed, the EAX contains a value of 725E7A25H. You may notice that this is in memory: 25 7A 5E 72. This is because the value stored in the memory uses the Little Endian format. This means that the higher the number of bytes, the higher the number of bytes: the byte order is reversed. I think some examples can make you clear this.
The hexadecimal DWORD (32-bit) value is put in memory: 40, 30, 20, 10 (each value accounts for one byte (8 digits))
This is true when the hexadecimal Word (16-bit) value is put in memory: 50, 40
Back to the previous example. You can also do this for other sizes:
MOV CL, BYTE PTR [34H]; CL Gets value 0DH (Reference Table) MOV DX, Word PTR [3Eh]; DX will get a value of 7DEFH (look at the table, remember) Size is sometimes not necessary.
Mov Eax, [00403045H]
Because EAX is a 32-bit register, the compiler assumes (can only be done) it should take a 32-bit value from the address 403045 (hex).
The direct value is allowed:
Mov EDX, 5006
This is just a value of the EDX register 5006, chunt [and] is used to take the value from the memory address between parentheses, without parentheses, just this value. Registers and memory addresses can also be (he should be 32-bit registers in the 32-bit program):
MOV EAX, 403045H; Make EAX equipped with a value of 403045H (hexadecimal) MOV CX, [EAX], moves the value (403045) of the Word size of the memory address EAX into the CX register.
In MOV CX, [EAX], the processor will first view the EAX installation value (= memory address), then what is the value in that memory address, and put this Word, because the target -CX-is a 16 Bit register) is transferred to CX.
Add, Sub, MUL, DIV
Many pseudo codes do calculation work. You can guess most of them: add (add), sub (minus), MUL (multiplying), div (division), etc.
The add pseudo code has the following syntax:
Add target, source
The operation is the target = target source. The following format is allowed.
the goal
source
example
Register
Register
Add ECX, EDX
Register
Memory
Add ECX, DWORD PTR [104H] / Add ECX, [EDX]
Register
Immediate value
Add Eax, 102
Memory
Immediate value
Add DWORD PTR [401231H], 80
Memory
Register
Add DWORD PTR [401231H], EDX
This directive is very simple. It just adds the source value to the target value and saves the result in the target. Other mathematical instructions are:
SUB target, source (target = target - source) MUL target, source (target = target × source) DIV source (EAX = EAX / source, EDX = Yu number)
The subtraction is the same as the addition, the multiplication is the target = target × source. The division is different because the register is an integer value (note that the number of winding is not floating point) division results are divided into merchants and remainder. E.g:
28 / 6-> Commercial = 4, the remainder = 430 / 9-> 商 = 3, the remainder = 397 / 10-> 商 = 9, the remainder = 718 / 6-> = 3, the remainder = 0
Now, depends on the size of the source, the merchant (part) is existing EAX, the remainder (part) is in EDX:
Source
division
Commercial in ...
The remainder exist ...
Byte (8-bits)
AX / source
Al
AH
Word (16-bits)
DX: AX * / SOURCE
AX
DX
DWORD (32-bits)
EDX: EAX * / SOURCE
EAX
EDX
*: For example, if DX = 2030h, and AX = 0040H, DX: AX = 20300040H. DX: AX is a double word value. Among them, high words represent DX, low words represents AX, EDX: EAX is a four-word value (64-bit) its high character is ED.
Div pseudo code source can be
AN 8-Bit Register (Al, AH, Cl, ...) A 16-Bit Register (AX, DX, ...) A 32-Bit Register (EAX, EDX, ECX ...) AN 8-bit Memory Value (Byte PTR [xxxx]) A 16-bit Memory Value (Word PTR [xxxx]) A 32-bit Memory Value (DWORD PTR [xxxx])
The source cannot be a direct value because the processor cannot determine the size of the source parameter.
Bit operation
These instructions are all source and targets, except for the "NOT" instruction. Each bit in the target is compared to each bit in the source and looks like that instruction, decide whether 0 or 1 is placed in the target bits.
instruction
AND
Oral
Xor
NOT
Source position
0
0
1
1
0
0
1
1
0
0
1
1
0
1
Target position
0
1
0
1
0
1
0
1
0
1
0
1
X
X
Output bit
0
0
0
1
0
1
1
1
0
1
1
0
1
0
If the source and goals are 1, and the AND sets the output bit to 1.
If there is a source and target in the target, the OR is set to 1.
If the source and target bits are different, XOR sets the output bit to 1.
NOT reverse source position
one example:
MOV AX, 3406MOV DX, 13EAHXOR AX, DX
AX = 3406 (hexadecimal) is a binary 0000110101001110
DX = 13ea (hexadecimal) is a binary 0001001111101010
To do this bit:
source
0001001111101010 (DX)
the goal
0000110101001110 (AX)
Output
0001111010100100 (New AX)
New DX is 0001111010100100 (decimal 7845, hexadecimal 1EA4)
another example:
MOV ECX, FFFF0000HNOT ECX
FFF0000 is 1111111111111111000000000000000000 (16 1,16 0) if it is reversed every one.
000000000000000000111111111111111111 (16 0,16 1) is 0000FFF in hexadecimal. Therefore, after the Not operation is performed, ECX is 0000FFFFH.
Steps / reduction
There are two very simple instructions, DEC and INC. These instructions have caused memory addresses and registers to increase or step, that is, this:
INC REG -> REG = REG 1DEC REG -> REG = REG - 1INC DWORD PTR [103405] -> The value step by 103405 DEC DWORD PTR [103405] -> The value of 103405 is reduced
NOP
This instruction is not dry. It only takes up space and time. It is used as a patch to fill or give the code.
Bit Rotation and Shifiting Note: Most of the following examples use 8 digits, but this is just to make the purpose.
Shifting function
SHL target, count SHR target, count
SHL and SHR move a certain number of points (count) in the register, memory address.
E.g:
; Here, Al = 01011011 (binary) SHR Al, 3
It means: shift all bits in the Al register three locations. Therefore, Al will become 00001011. The bytes on the left are filled with 0, while the bytes on the right are removed. The last bit is stored in the Carry-Flag. Carry-flag is one of the processor flag registers. It is not like Eax or ECX, where you can access registers (although there is pseudo code dry this), its value determines the structure of the instruction. It (carry-flag) will explain later, the only thing you have to remember is that Carry is one of the flag registers and it can be turned on or off. This bit is equal to the last moving bit.
SHL and SHR are just right left.
; Here BL = 11100101 (binary) SHL BL, 2
After the instruction is executed, the BL is 10010100 (binary). The last two bits were filled by 0, and Carry-Flag was 1 because the last moved bit was 1.
There are two pseudo code:
SAL target, count (arithmetic left shift)
SAR target, count (calculation right shift)
SAL and SHL are the same, but SAR is not completely like SHR. SAR is not a drop-out bit but copy the MSB (highest bit) for example:
Al = 10100110SAR Al, 3Al = 11110100SAR Al, 2Al = 11101001
BL = 00100110SAR BL, 3BL = 00000100
Rotation function
ROL target, count; loop left shift ROR target, count; loop right shift RCL target, count; through the Carry loop left to move the RCR target, count;
The cycle movement looks like shift, but the transferred bit is another side.
For example: ROR (loop right shift)
Bit 7
Bit 6
Bit 5
Bit 4
Bit 3
Bit 2
Bit 1
Bit 0
original
1
0
0
1
1
0
1
1
Cycle move, count = 3
1
0
0
1
1
0 1 1 (removed)
result
0
1
1
1
0
0
1
1
If you see it above, the bit is loop. Note that each of the launched bits is moved to the other side. Like Shifting, the Carry is installing the last bit. RCL and RCR are actually the same as ROL, RCR. Their name suggests that they use the Carry to indicate the last move, but the same thing as ROL and ROR do. They have no difference.
exchange
The XCHG directive is also very simple. It exchanges between two registers and memory addresses:
