jose barroca
September 23rd, 2005, 08:53
Hello all,
I'm puzzled with something here. I'm reading a tutorial, where a program executes the following:
:005F6F7D lea ecx, [ebp+var_280]
:005F6F83 push ecx <-- Vendor code structure
:005F6F84 mov edx, [ebp+arg_0]
:005F6F87 add edx, 30Ch
:005F6F8D push edx <-- Vendor name
:005F6F8E mov eax, [ebp+arg_0]
:005F6F91 push eax <-- Job structure
:005F6F92 call _l_sg
then, it instructs the reader to "note a copy of the vendor structure":
04 00 00 00 19 59 D5 7A ED A3 2D 80 ED 11 A0 18
97 E1 4B 27 A8 21 6A E2 41 04 58 52 09 00 00 00
My question is exactly here: is this the contents of the ECX register, or something that has been pushed onto the stack? And, in either case, how can we actually see it? Is it in some way related to the bottom right sub-window of the CPU window?
Regards,
JB
I'm puzzled with something here. I'm reading a tutorial, where a program executes the following:
:005F6F7D lea ecx, [ebp+var_280]
:005F6F83 push ecx <-- Vendor code structure
:005F6F84 mov edx, [ebp+arg_0]
:005F6F87 add edx, 30Ch
:005F6F8D push edx <-- Vendor name
:005F6F8E mov eax, [ebp+arg_0]
:005F6F91 push eax <-- Job structure
:005F6F92 call _l_sg
then, it instructs the reader to "note a copy of the vendor structure":
04 00 00 00 19 59 D5 7A ED A3 2D 80 ED 11 A0 18
97 E1 4B 27 A8 21 6A E2 41 04 58 52 09 00 00 00
My question is exactly here: is this the contents of the ECX register, or something that has been pushed onto the stack? And, in either case, how can we actually see it? Is it in some way related to the bottom right sub-window of the CPU window?
Regards,
JB