How can I get the "lea" instruction from a C++ function by disassembly?

Question

I'm trying to learn reverse engineering, and I'm stuck on this little thing. I have code like this:

.text:10003478                 mov     eax, HWHandle
.text:1000347D                 lea     ecx, [eax+1829B8h] <------
.text:10003483                 mov     dword_1000FA64, ecx
.text:10003489                 lea     esi, [eax+166A98h]<------
.text:1000348F                 lea     edx, [eax+11FE320h]
.text:10003495                 mov     dword_1000FCA0, esi

and I'm wondering, how does it look like in C or C++? Especially the two instructions marked by arrows. HWHandle is variable which holds the a value returned from the GetModuleHandle() function. More interesting is that a couple of lines below this instructions, dword_1000FCA0 is used as a function:

.text:1000353C                 mov     eax, dword_1000FCA0
.text:10003541                 mov     ecx, [eax+0A0h]
.text:10003547                 push    offset asc_1000C9E4 ; "\r\n========================\r\n"
.text:1000354C                 call    ecx

This will draw this text in my game console. Have you got any ideas, guys?

Answer 1

LEA is nothing more than an arithmetic operation : in that case, ECX is just filled with EAX+offset (the very address, not the pointed contents). if HWHandle pointed to a (very large) structure, ECX would just be one of its members.

This could be an associated source code:

extern A* HWHandle;                 // mov     eax, HWHandle
B* ECX = HWHandle->someStructure;   // lea     ecx, [eax+1829B8h]

and later, one of B’s members is used as a function.

*(ECX->ptrFunction(someArg))        // mov     ecx, [eax+0A0h]
                                    // call    ecx