
This is the WATCOM compiler. The assembler code below tries to create 8 random letters to compose a zero-terminated string.

cseg01:0001F544 Try_Write_To_Disk proc near             ; CODE XREF: Check_CDRom+46p
cseg01:0001F544
cseg01:0001F544 var_19          = byte ptr -19h
cseg01:0001F544 var_10          = byte ptr -10h
cseg01:0001F544
cseg01:0001F544                 push    ebx
cseg01:0001F545                 push    edx
cseg01:0001F546                 sub     esp, 10h
cseg01:0001F549                 xor     ebx, ebx
cseg01:0001F54B
cseg01:0001F54B loc_1F54B:                              ; CODE XREF: Try_Write_To_Disk+26j
cseg01:0001F54B                 call    GetRandomControl ; get random number
cseg01:0001F550                 imul    edx, eax, 1Ah
cseg01:0001F553                 mov     eax, edx
cseg01:0001F555                 sar     edx, 1Fh
cseg01:0001F558                 shl     edx, 0Fh
cseg01:0001F55B                 sbb     eax, edx
cseg01:0001F55D                 sar     eax, 0Fh
cseg01:0001F560                 inc     ebx
cseg01:0001F561                 add     al, 41h ; 'A'
cseg01:0001F563                 mov     [esp+ebx+18h+var_19], al
cseg01:0001F567                 cmp     ebx, 8
cseg01:0001F56A                 jl      short loc_1F54B
cseg01:0001F56C                 xor     ah, ah
cseg01:0001F56E                 mov     [esp+18h+var_10], ah ; zero terminated string

This code could be converted to the C++ code below:

#include <cstdio>

extern int GetRandomControl(); // game function from the listing; declared only, not defined here

bool Try_Write_To_CDRom()
{
    char buff[9]; // 8 letters + terminating 0 = 9
    for ( int i = 0; i < 8; i++ )
    {
        int val = GetRandomControl(); // get random number

        // imul edx,eax,1Ah / sar edx,1Fh / shl edx,0Fh / sbb eax,edx / sar eax,0Fh
        // is a signed, truncating (val * 26) / 32768, i.e. a 15-bit random value
        // scaled to 0..25 (26 letters in alphabet), not a modulo
        val = (val * 26) / 0x8000;

        char ch = (char)(val + 0x41); // 0x41 is capital A letter
        buff[i] = ch;
    }

    buff[8] = 0; // [esp+18h+var_10] = [esp+8]

    // printf("%s\n", buff); // if enabled, pass buff as an argument, never as the format string

    return true; // the rest of the function is not shown in the listing
}


I have a question about this line of code:

cseg01:0001F56E                 mov     [esp+18h+var_10], ah

I think the line of code above is wrong, because the terminating zero is written at position 10 of the char buffer, which is not correct, and it should be:

cseg01:0001F56E                 mov     [esp+ebx+18h+var_19], ah

or should be as:

cseg01:0001F56E                 mov     [esp+8h+18h+var_19], ah

Because this way:

cseg01:0001F56E                 mov     [esp+18h+var_10], ah

the terminating zero is written to position 10 of the char buffer, buff[10] = ah, and it should be buff[8] = ah. I.e. the 8 letters are written to buff[0] ... buff[7] and the terminating zero is written to buff[8], i.e. the 9th position.

Am I right in my speculations?

Thanks in advance!

black4

1 Answer

inc ebx: ebx => 1.

[esp+ebx+18h+var_19] => [esp+1+18h+(-19h)] is [esp+0]

So it writes at 0,1,2,3,4,5,6,7, total 8 bytes.

Then it writes zero at esp+8, the ninth byte. See screenshot.

blabb