issuhub.com

Reverse Engineering for Beginners

(avery) #1

CHAPTER 35. TEMPERATURE CONVERTING CHAPTER 35. TEMPERATURE CONVERTING


push ecx
push esi
mov esi, DWORD PTR impprintf
push OFFSET $SG4228 ; 'Enter temperature in Fahrenheit:'
call esi ; call printf()
lea eax, DWORD PTR _fahr$[esp+12]
push eax
push OFFSET $SG4230 ; '%d'
call DWORD PTR impscanf
add esp, 12 ; 0000000cH
cmp eax, 1
je SHORT $LN2@main
push OFFSET $SG4231 ; 'Error while parsing your input'
call esi ; call printf()
add esp, 4
push 0
call DWORD PTR impexit
$LN9@main:
$LN2@main:
mov eax, DWORD PTR _fahr$[esp+8]
add eax, -32 ; ffffffe0H
lea ecx, DWORD PTR [eax+eax*4]
mov eax, 954437177 ; 38e38e39H
imul ecx
sar edx, 1
mov eax, edx
shr eax, 31 ; 0000001fH
add eax, edx
cmp eax, -273 ; fffffeefH
jge SHORT $LN1@main
push OFFSET $SG4233 ; 'Error: incorrect temperature!'
call esi ; call printf()
add esp, 4
push 0
call DWORD PTR impexit
$LN10@main:
$LN1@main:
push eax
push OFFSET $SG4234 ; 'Celsius: %d'
call esi ; call printf()
add esp, 8
; return 0 - by C99 standard
xor eax, eax
pop esi
pop ecx
ret 0
$LN8@main:
_main ENDP


What we can say about it:



  • The address ofprintf()is first loaded in theESIregister, so the subsequentprintf()calls are done just by the
    CALL ESIinstruction. It’s a very popular compiler technique, possible if several consequent calls to the same function
    are present in the code, and/or if there is a free register which can be used for this.

  • We see theADD EAX, -32instruction at the place where 32 has to be subtracted from the value.EAX=EAX+
    (−32)is equivalent toEAX=EAX− 32 and somehow, the compiler decided to useADDinstead ofSUB. Maybe it’s
    worth it, it’s hard to be sure.

  • TheLEAinstruction is used when the value is to be multiplied by 5:lea ecx, DWORD PTR [eax+eax*4]. Yes,
    i+i∗ 4 is equivalent toi∗ 5 andLEAworks faster thenIMUL. By the way, theSHL EAX, 2 / ADD EAX, EAX
    instruction pair could be also used here instead— some compilers do it like.

  • The division by multiplication trick (41 on page 468) is also used here.

  • main()returns 0 if we don’t havereturn 0at its end. The C99 standard tells us [ISO07, p. 5.1.2.2.3] thatmain()
    will return 0 in case thereturnstatement is missing. This rule works only for themain()function. Though, MSVC
    doesn’t officially support C99, but maybe it support it partially?

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.