Hi guys,
It's been a while since I posted here, but I've been around, reading and surfing the forums from time to time.
I have a question: what is the difference between a normal call such as:
call MyFunction
and
mov eax,offset MyFunction
call eax
Both should work the same way, right? But when I debug it and change it manually, it crashed after a while.
Thanks in advance
Using offset isn't a great idea, but yeah, it's the same as calling directly; it's still calling an address, the only difference obviously is that it's in a register.
lea eax,MyFunction
call eax
is better
Hi E^cube, thanks for the fast reply.
Yeah, I was assuming the same, but still, why does it crash after a while? When I put a breakpoint on the call and then step into it, it goes fine. But later, when I step into another call, the app crashes for some reason. I checked the stack values etc., everything is the same, but still it crashes.
if CALL MyFunc works and CALL EAX does not, it is because there should be a value in EAX that is being destroyed
otherwise, there is nothing wrong with CALL EAX - it can be a little bit faster, depending on how the address is loaded
call xyx is relative, whereas call eax is absolute. The former is better for location independent code and reduces the number of relocations the loader has to do. Most EXEs have the relocations stripped, but DLL and SYS files should have them.
Your code is crashing for some other reason; as you haven't posted it, it will be particularly hard for anyone to guess where your bug is.
dedndave, yes, that's a possibility, but I've tried calling without using a register as well, like this:
call dword ptr [static address]
Still it crashes, which is really weird. I'm going to look more into it, I thought it was a small problem.
@clive: I'm wondering why it crashes, all I'm doing is replacing call address with call dword ptr [static address]. Shouldn't it work the same way?
Thanks
Clive may be onto something, there
perhaps you have not correctly converted the relative address to absolute
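Added example, not part of the original thread (Python rather than MASM so it can be run): it resolves the destination of the three CALL forms discussed above, showing that the E8 form stores a displacement from the next instruction, while call eax and call dword ptr [addr] use an absolute address, the latter read from memory. All addresses and bytes are constructed sample values, and the function names are hypothetical.

```python
import struct

# Constructed sample layout (hypothetical addresses, 32-bit flat model).
CALL_SITE   = 0x00401000   # where the CALL instruction itself sits
MY_FUNCTION = 0x00401200   # intended destination
POINTER_VAR = 0x00403000   # a dword variable that holds MY_FUNCTION

def rel32_for(call_addr, target):
    """Bytes of the displacement an E8 call at call_addr needs to reach target."""
    disp = target - (call_addr + 5)          # measured from the NEXT instruction
    disp = ((disp + 0x80000000) & 0xFFFFFFFF) - 0x80000000   # wrap to signed 32-bit
    return struct.pack("<i", disp)

def call_target(code, addr, regs=None, mem=None):
    """Return (form, destination) for one CALL encoded in `code` at `addr`."""
    regs, mem = regs or {}, mem or {}
    if code[0] == 0xE8:                      # call rel32
        (disp,) = struct.unpack_from("<i", code, 1)
        return "rel32", (addr + 5 + disp) & 0xFFFFFFFF
    if code[:2] == b"\xFF\xD0":              # call eax
        return "reg", regs["eax"]
    if code[:2] == b"\xFF\x15":              # call dword ptr [disp32]
        (slot,) = struct.unpack_from("<I", code, 2)
        (dest,) = struct.unpack("<I", mem[slot])   # one extra memory read
        return "mem", dest
    raise ValueError("not one of the three CALL forms handled here")

def demo():
    direct = b"\xE8" + rel32_for(CALL_SITE, MY_FUNCTION)
    via_reg = b"\xFF\xD0"
    via_mem = b"\xFF\x15" + struct.pack("<I", POINTER_VAR)
    mem = {POINTER_VAR: struct.pack("<I", MY_FUNCTION)}
    (raw,) = struct.unpack_from("<I", direct, 1)
    return {
        "direct": call_target(direct, CALL_SITE),
        "via_reg": call_target(via_reg, CALL_SITE, regs={"eax": MY_FUNCTION}),
        "via_mem": call_target(via_mem, CALL_SITE, mem=mem),
        # What you get if the E8 operand is copied as if it were absolute.
        "operand_misread_as_absolute": raw,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

When patching a call in a debugger, the absolute address to load into a register or pointer variable is the next-instruction address plus the signed displacement, not the operand bytes themselves.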
Problem fixed. Everything works fine, the problem was a stupid mistake of mine. The offset was wrong, so I actually called the wrong function/procedure.
Such mistakes always happen to me. Sorry guys! And thanks for helping out.
Quote from: kemicza on June 16, 2010, 07:35:53 PM
Problem fixed. Everything works fine, the problem was a stupid mistake of mine. The offset was wrong, so I actually called the wrong function/procedure.
Such mistakes always happen to me. Sorry guys! And thanks for helping out.
Don't forget to adjust the stack balance.