Figure A.2 High-level/low-level view of a two-way conditional.Notice the unconditional JMPright after the function call. That is where the
first condition skips the else block and jumps to the code that follows. The
basic pattern to look for when trying to detect a simple ‘if-else’statement
in a disassembled program is a condition where the code that follows it ends
with an unconditional jump.
Most high-level languages also support a slightly more complex version of
a two-way conditional where a separate conditional statement is used for each
of the two code blocks. This is usually implemented by combining the ‘if’
and else-ifkeywords where each statement is used with a separate condi-
tional statement. This way, if the first condition is not satisfied, the program
jumps to the second condition, evaluates that one, and simply skips the entire
conditional block if neither condition is satisfied. If one of the conditions is sat-
isfied, the corresponding conditional block is executed, and execution just
flows into the next program statement. Figure A.3 provides a high-level/low-
level view of this type of control flow construct.Multiple-Alternative Conditionals
Sometimes programmers create long statements with multiple conditions,
where each condition leads to the execution of a different code block. One way
to implement this in high-level languages is by using a “switch”block (dis-
cussed later), but it is also possible to do this using conventional ‘if’state-
ments. The reason that programmers sometimes must use ‘if’statements is
that they allow for more flexible conditional statements. The problem is that
‘switch’blocks don’t support complex conditions, only the use of hard-
coded constants. In contrast, a sequence of ‘else-if’statements allows for
any kind of complex condition on each of the blocks—it is just more flexible.if (SomeVariable == 7)SomeFunction();elseSomeOtherFunction();cmp [Variable1], 7
jne ElseBlock
call SomeFunction
jmp AfterConditionalBlock
ElseBlock:
call SomeOtherFunction
AfterConditionalBlock:
...Assembly Language Code High-Level CodeReversed490 Appendix A21_574817 appa.qxd 3/16/05 8:52 PM Page 490