Can somebody tell me where jumps like the one below lead to?

mov  eax, large fs:18h
jmp dword ptr


This one's for glBegin().

Thanks.  :shock:
Posted on 2005-06-01 09:23:33 by flapper
A data stored in TEB. That's the best I can tell you

PS: Take a look at http://www.asmcommunity.net/board/index.php?topic=18871.0
Posted on 2005-06-01 09:39:28 by roticv
FS:xx is the Thread Information Block, which has a lot of thread-specific information... one of the members is the OpenGL dispatch table, which is what you have encountered. I don't really know why it's implemented that way... I mean, of course you need some context information, but a dispatch table? Ho humm.
Posted on 2005-06-01 09:44:06 by f0dder
Is there a way to somehow know what's behind the jump or to somehow find out to what address the jump jumps to?

Couldn't I just move the address it jumps to in a register and read out whats behind that address with ReadProcessMemory() ?
Posted on 2005-06-01 09:58:59 by flapper
flapper, you can use a debugger. The calls will eventually end up in your graphics driver... I guess the dispatch table approach might have been chosen so the driver can implement the functions it supports natively, and have default software emulation paths for the rest... why the dispatch table is in the TIB/TEB is beyond me, though.
Posted on 2005-06-01 10:05:01 by f0dder
I really dont know anything about debuggers, can you help me?  :)
Posted on 2005-06-01 13:19:12 by flapper
Start by getting your hands on OllyDbg. Unfortunately it seems like the main site has disappeared :-s, go to http://ollydbg.win32asmcommunity.net/ . Another free and very powerful debugger is Microsoft WinDbg, it's not very 'beginner friendly' though :)
Posted on 2005-06-01 13:33:10 by f0dder