0

The code in question is:

MOV EAX,DWORD PTR SS:[EBP-2C]            ; EAX now hold pointer to a string
INC EAX                                  ; EAX now points to the 2nd char
MOV AL,BYTE PTR DS:[EAX]                 ; 
MOVSX EDX,AL                             ; EDX now hold the ascii value of the 2nd char
MOV EAX,EDX                              ; EAX now hold the ascii value of the 2nd char
SHL EAX,2                                ; 
ADD EAX,EDX                              ; 
SHL EAX,1                                ; 
LEA EDX,DWORD PTR DS:[EAX-1E0]           ; I dont understand this line

I'm trying to understand what the bellow code does, however the last line doesn't make any sense to me. EAX doesn't hold a legal address, so what is the meaning of that line?

triple fault
  • 13,410
  • 8
  • 32
  • 45
  • 1
    LEA is just simple arithmetic. That does `EDX=EAX-1E0`. – Jester Dec 10 '16 at 01:50
  • 1
    An unrelated heads-up: `MOVSX EDX,AL` will *sign extend* the value in `AL`. That means that your comment "now hold the ascii value" may not be true. (Allowing negative values is even more dangerous than realizing true ASCII only goes up to 127.) You're probably better off using `movzx`. – Jongware Dec 10 '16 at 02:55

0 Answers0