CHAPTER 13. SWITCH()/CASE/DEFAULT CHAPTER 13. SWITCH()/CASE/DEFAULT
OllyDbg
Since this example is tricky, let’s trace it in OllyDbg.
OllyDbg can detect such switch() constructs, and it can add some useful comments.EAXis 2 in the beginning, that’s the
function’s input value:
Figure 13.1:OllyDbg:EAXnow contain the first (and only) function argument