0

I've got the following line of code in an assembly level language task:

and dword ptr[esi], 0xFF

From my understanding dword is 32 bits, and FF means we're storing 8 bits or 1 byte into ptr[esi], but what's ptr and what is the purpose of using square brackets to reference our esi register?

Also, how does using an and change the meaning of the line?

Thank you.

Sep Roland
  • 33,889
  • 7
  • 43
  • 76
casperf1
  • 91
  • 1
  • 8
  • Your question is similar with http://stackoverflow.com/questions/2987876/what-does-dword-ptr-mean. Maybe it helps. – Luci Mar 03 '17 at 17:10
  • The type is not determined by the length of the string, it's a dword because you said it is – harold Mar 03 '17 at 17:10
  • 1
    That does `*esi &= 0xff`, that is it clears the top 24 bits. You should do some research if you don't even know what square brackets mean. – Jester Mar 03 '17 at 17:10
  • Thanks for the link there Luci, I was having trouble finding anything involving ands. And thank you Jester for the response as well, however condescending it may be. – casperf1 Mar 03 '17 at 17:18
  • @Jester `*((dword *)esi) &= 0xFF;` casperf1: without brackets the `and` instruction would affect the value in register `esi`, like `and esi,0xff` <=> `esi &= 0xFF;`. And the `and` is the crucial part of the line, it's the actual instruction, so it does change/define the meaning of line completely. It would be "store" if there would be `mov`, `and` is bit-wise arithmetic operation. – Ped7g Mar 03 '17 at 17:48
  • thank you @Ped7g. As far as I can tell from my research, dword prt is a size directive for a 32-bit integer, AND is (as you say) the arithmetic operator, and what this line is doing is ANDing the hex value FF(255) into the 4 bytes starting at the address in ESI. Does that sound about right? – casperf1 Mar 03 '17 at 17:56
  • The `dword ptr` is used because without it, the assembler cannot know the size of the memory operand which `esi` is pointing to. – Weather Vane Mar 03 '17 at 17:58
  • @casperf1 Yes, exactly. The size modifier is needed, because neither `[esi]` or `0xFF` can be used to deduce the "data width" of the operation. Compare with `and [esi],ax` ... where `ax` contains the operand, so it's possible for assembler to deduce the correct "data width" is 16 bit in such case. – Ped7g Mar 03 '17 at 17:59
  • @casperf1 strictly speaking it ANDs the memory operand with `0x000000FF`. – Weather Vane Mar 03 '17 at 18:06
  • that's perfect Weather Vane & Ped7g, thanks for the responses. Much appreciated. @Ped7g, I'm a little curious, when you say `ax` contains an operand, do you mean an operand that specifies the size of the memory to be 16-bit? – casperf1 Mar 03 '17 at 18:08
  • `0xFF` is an *immediate* operand, whereas `ax` is a *register* operand, and `ax` is known by the assembler to be a 16-bit register, so its *content* is not what tells the assembler: `and word ptr[esi], ax` is simply unnecessary. – Weather Vane Mar 03 '17 at 18:14
  • thanks again @WeatherVane – casperf1 Mar 04 '17 at 01:18
  • 0xFF is just a convenient way to write 0x000000FF. – Hans Passant Mar 05 '17 at 17:14

0 Answers0