Hi all,

I came across a piece of code.
I didnt understand the last 2 lines of the code. Can anyone explain it, pls?

In msdn it says "If the function succeeds, the return value is nonzero. If the function fails, the return value is zero."

``       push parameters	call	SetFileAttributes	dec	eax	jne	somewhere``

Thanks.

Posted on 2011-01-11 16:03:17 by hakand
Those 2 lines of code assume that the function returns either 0 or 1 (very bad practice). A much better approach is:

``      or eax, eax      jz it_is_zero:it_is_not_zero``

or something similar.
Posted on 2011-01-11 18:04:03 by ti_mo_n
By standard practice, the return value of a function is placed on eax register.
So to test an error, you have to test eax, against with zero which can be done by any of the follows:
``test eax, eaxand eax, eaxor eax, eaxcmp eax, 0``

AND and TEST are both AND-Gate operations. The only difference is that TEST doesn't have a write cycle nor overwrite the result on the destination register.

They set a zero flag so you can do:
``jz label ;go to somewhere if equals to zerojnz label ;go to somewhere if not equals to zero``

``dec	eaxjne	somewhere``

-First, jne (jump not equal) is the same as jnz (jump not zero). The way the processor knows if two numbers are equal is by subtracting. If the result equals zero then the two numbers are equal and sets a zero flag.

In your code, it assumes that eax is 0 or 1.
-If eax is 1, after dec eax; eax will become 0 and sets a zero flag. It will not jump since the new value is 0. But the original value was not 0 but 1, so it is doing the opposite of what the statement says (jne).
-If eax is 0, after dec eax; eax will become -1 and NOT set a zero flag. It will jump since the new value is not 0 but -1. The original value was not -1 but 0, so again is doing the opposite of the statement (jne).