What's the different between these CALLs?

[rengood]

Hi everyone, I'm a newbie here. Here I try to ask a small question.

Two instructions:
   CALL EAX
   CALL DWORD PTR [EAX]

I think they are the instructions with the same meanings. Is that right?

[qWord]

call eax -> eax = function pointer
call DWORD ptr [eax] -> function pointer is stored in a DWORD referenced by eax

[clive]

The first is direct, the second is indirect. It is indirect because it must first read a memory location containing the destination, rather than expressing the destination directly.

The second could also be written as
CALL [eax]

To extend further

CALL eax+4 ; invalid
CALL [eax+4] ; valid, presuming table has such an entry

And the first could be implemented as
PUSH eax
RET

[Vortex]

Hi rengood,

A quick example for you :

Code Select Expand



.386
.model flat,stdcall
option casemap:none

include     \masm32\include\windows.inc
include     \masm32\include\kernel32.inc
include     \masm32\include\user32.inc

includelib  \masm32\lib\kernel32.lib
includelib  \masm32\lib\user32.lib

.data

testvar     dd testproc2
test1       db 'Test1',0
test2       db 'Test2',0

.code

start:

    mov     eax,OFFSET testproc1    ; MOV EAX,00401015  ( OllyDbg output )
    call    eax

    mov     eax,OFFSET testvar      ; MOV EAX,00402000  ( 402000 -> 401029 )
    call    DWORD PTR [eax]

    invoke  ExitProcess,0

testproc1 PROC

    invoke  MessageBox,0,ADDR test1,ADDR test1,MB_OK
    ret

testproc1 ENDP

testproc2 PROC

    invoke  MessageBox,0,ADDR test2,ADDR test2,MB_OK
    ret

testproc2 ENDP

END start