lek_70
Jan 25th, 2002, 10:03 AM
Oops! Actually I want to know the destination of the initial jump of a COM file... how do I do it?
CornedBee
Jan 29th, 2002, 08:16 AM
Assuming you read the binary file (without running a disassembler), here are the possible jump instructions:
Opcode   Instruction      Clocks             Description
EB cb    JMP rel8         7+m                Jump short
E9 cw    JMP rel16        7+m                Jump near, displacement relative to next instruction
FF /4    JMP r/m16        7+m/10+m           Jump near indirect
EA cd    JMP ptr16:16     12+m,pm=27+m       Jump intersegment, 4-byte immediate address
EA cd    JMP ptr16:16     pm=45+m            Jump to call gate, same privilege
EA cd    JMP ptr16:16     ts                 Jump via task state segment
EA cd    JMP ptr16:16     ts                 Jump via task gate
FF /5    JMP m16:16       43+m,pm=31+m       Jump r/m16:16 indirect and intersegment
FF /5    JMP m16:16       pm=49+m            Jump to call gate, same privilege
FF /5    JMP m16:16       5+ts               Jump via task state segment
FF /5    JMP m16:16       5+ts               Jump via task gate
E9 cd    JMP rel32        7+m                Jump near, displacement relative to next instruction
FF /4    JMP r/m32        7+m,10+m           Jump near, indirect
EA cp    JMP ptr16:32     12+m,pm=27+m       Jump intersegment, 6-byte immediate address
EA cp    JMP ptr16:32     pm=45+m            Jump to call gate, same privilege
EA cp    JMP ptr16:32     ts                 Jump via task state segment
EA cp    JMP ptr16:32     ts                 Jump via task gate
FF /5    JMP m16:32       43+m,pm=31+m       Jump intersegment, address at r/m dword
FF /5    JMP m16:32       pm=49+m            Jump to call gate, same privilege
FF /5    JMP m16:32       5+ts               Jump via task state segment
FF /5    JMP m16:32       5+ts               Jump via task gate
Here's the operation format:
http://webster.cs.ucr.edu/Page_TechDocs/Doc386/FIG17-1.GIF
For more information, go here: http://webster.cs.ucr.edu/Page_TechDocs/Doc386/TOC.HTM
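As an added example (not part of CornedBee's post), here is a small Python decoder that applies the 16-bit rows of that table to the first bytes of a .COM image. It assumes the DOS convention that a .COM image is loaded at CS:0100h and execution starts there, so relative displacements are resolved against that base; the indirect FF /4 and FF /5 forms cannot be resolved statically, so the decoder reports only the pointer location where the ModR/M byte makes it visible.

```python
import struct

COM_LOAD_OFFSET = 0x0100  # DOS loads a .COM image at CS:0100h and starts executing there


def decode_initial_jump(image: bytes, base: int = COM_LOAD_OFFSET):
    """Decode the first instruction of a .COM image if it is a JMP.

    Returns a dict with the instruction form, its encoded length, the in-segment
    target address and the matching file offset, or None if the image does not
    begin with a JMP. 16-bit (real-mode) operand size is assumed, as for DOS .COM.
    """
    if not image:
        return None
    op = image[0]
    if op == 0xEB and len(image) >= 2:              # EB cb: JMP rel8 (short)
        rel = struct.unpack_from("<b", image, 1)[0]
        target = (base + 2 + rel) & 0xFFFF          # displacement is relative to the next instruction
        return {"form": "JMP rel8", "length": 2, "target": target,
                "file_offset": target - base}
    if op == 0xE9 and len(image) >= 3:              # E9 cw: JMP rel16 (near)
        rel = struct.unpack_from("<h", image, 1)[0]
        target = (base + 3 + rel) & 0xFFFF
        return {"form": "JMP rel16", "length": 3, "target": target,
                "file_offset": target - base}
    if op == 0xEA and len(image) >= 5:              # EA cd: JMP ptr16:16 (far, immediate seg:off)
        off, seg = struct.unpack_from("<HH", image, 1)
        return {"form": "JMP ptr16:16", "length": 5, "segment": seg,
                "target": off, "file_offset": None}  # a far target lies outside the CS-relative image
    if op == 0xFF and len(image) >= 2:              # FF /4, FF /5: indirect through r/m
        modrm = image[1]
        mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
        if reg in (4, 5):
            form = "JMP r/m16 (indirect)" if reg == 4 else "JMP m16:16 (indirect)"
            pointer = None
            if mod == 0 and rm == 6 and len(image) >= 4:  # [disp16]: the pointer's address is visible
                pointer = struct.unpack_from("<H", image, 2)[0]
            # the jump target itself lives in memory at run time, so it is not statically known
            return {"form": form, "length": 4 if pointer is not None else None,
                    "pointer": pointer, "target": None, "file_offset": None}
    return None


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        print(decode_initial_jump(f.read()))
```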