thanks !
ADDR operator is used in macros
OFFSET operator is used in normal code
OFFSET operator is used in normal code
both get address of label,
addr used get address of local variable, offset isn't
offset can address of label that after, addr can't
ex:
invoke functiona,addr label1 ; wrong
invoke function,offset label1; ok
label1:
addr used get address of local variable, offset isn't
offset can address of label that after, addr can't
ex:
invoke functiona,addr label1 ; wrong
invoke function,offset label1; ok
label1:
Now is my turn for explanation. Take it that you have the following code
So mov eax, Hello for masm will become, mov eax, ds:[402000]. So the offset keyword tells the masm to asssemble that 402000 as an immediate instead of memory, ie assembler mov eax, offset Hello to mov eax, 402000.
The lea opcode is more interesting. It is just assembled as memory, ie for lea eax, Hello, it would become lea eax, ds:[402000]. For local variables, those variables on the stack and relative to ebp, lea works fine; This is because lea can do limited addition or subtraction or multiplication. So lea eax, actually means mov eax, value of ebp + xx. Offset does not work for local variables because the assembler do not know the value of ebp at run time.
.data
Hello db "Hello world",0 ;which when assembled starts on the address 402000h
So mov eax, Hello for masm will become, mov eax, ds:[402000]. So the offset keyword tells the masm to asssemble that 402000 as an immediate instead of memory, ie assembler mov eax, offset Hello to mov eax, 402000.
The lea opcode is more interesting. It is just assembled as memory, ie for lea eax, Hello, it would become lea eax, ds:[402000]. For local variables, those variables on the stack and relative to ebp, lea works fine; This is because lea can do limited addition or subtraction or multiplication. So lea eax, actually means mov eax, value of ebp + xx. Offset does not work for local variables because the assembler do not know the value of ebp at run time.
I just can add that
ADDR is some kind of macro, IMHO
When after ADDR you use label, that is known at compile time, then ADDR=offset, so masm use PUSH LABEL in invoke
when label is LOCAL, then masm generates in invoke
invoke functiona,addr label1 ; NOT wrong
invoke function,offset label1; ok
label equ $ADDR is some kind of macro, IMHO
When after ADDR you use label, that is known at compile time, then ADDR=offset, so masm use PUSH LABEL in invoke
when label is LOCAL, then masm generates in invoke
lea EAX,LABEL
push EAXlovelypp,
In MASM notation the operator "OFFSET" literally means a distance from the beginning of the file. It is used to get the address of data stored in either the .DATA or .DATA? sections which are a distance or OFFSET from the beginning of the file.
The operator "ADDR" is specific to the "invoke" syntax that MASM uses and it will do either an OFFSET or it will determine the address of a LOCAL variable created at runtime on the stack using the LEA instruction.
There are times when you can get away with variations in the "invoke" syntax but you are better to use ADDR within an invoke statement for safety reasons.
Regards,
http://www.asmcommunity.net/board/cryptmail.php?tauntspiders=in.your.face@nomail.for.you&id=2f46ed9f24413347f14439b64bdc03fd
In MASM notation the operator "OFFSET" literally means a distance from the beginning of the file. It is used to get the address of data stored in either the .DATA or .DATA? sections which are a distance or OFFSET from the beginning of the file.
The operator "ADDR" is specific to the "invoke" syntax that MASM uses and it will do either an OFFSET or it will determine the address of a LOCAL variable created at runtime on the stack using the LEA instruction.
There are times when you can get away with variations in the "invoke" syntax but you are better to use ADDR within an invoke statement for safety reasons.
Regards,
http://www.asmcommunity.net/board/cryptmail.php?tauntspiders=in.your.face@nomail.for.you&id=2f46ed9f24413347f14439b64bdc03fd