Menu
I am looking at the assembly language code of a switch statement.
I understand how the code works and what the cases are. My question is how do I decide on the case names?
Below is the assembly language code, which will be followed with my interpretation of it. I basically just need to use the jump table and fill in the case names.
1 8048420: push %ebp
2 8048421: mov %esp, $ebp
3 8048423: mov 0x8(%ebp), %eax // x
4 8048426: mov 0xc(%ebp), %edx // n
5 8048429: sub $0x32, %edx // so least value of case is 32
6 804842c: cmp $0x5, %edx // max value is 37
7 804842f: ja 8048448 <switch+0x28> // if >37, go to default
8 8048431: jmp *0x80485d0(, %edx, 4) //THIS RIGHT HERE ?
9 8048438: shl $0x2, %eax // CASE A
10 804843b: jmp 804844b <switch+0x2b> //break;
11 804843d: sar $0x2, %eax //CASE B
12 8048440: jmp 804844b <switch+0x2b> //break
13 8048442: lea (%eax, %eax, 2), %eax //CASE C
14 8048445: imul %eax, %eax
15 8048448: add $0xa, %eax //fall through to default
16 804844b: pop %ebp //return
17 804844c: ret
The jump table that the gdb command creates: I am doing x/6w 0x80485d0
0x80485d0: 0x08048438 0x08048448 0x08048438 0x0804843d
0x80485e0: 0x08048442 0x08048445
My interpretation:
int result = x;
switch(n) {
case __:
x = x << 2;
break;
case __:
x = x >> 2
break;
case __:
x = 4*x;
x = x*x
case __: //default
x += 0xa
return x;
}
I just don't understand how to look up the jump table and decide which values of n between 32 and 37 fit in which of the case blanks.
Any help would be appreciated. Thank you.
281
Switch Case Syntaxswitch( expression ) { case value-1: Block-1; Break; case value-2: Block-2; Break; case value-n: Block-n; Break; default: Block-1; Break; } Statement-x; The expression can be integer expression or a character expression.
A case or switch statement is a type of selection control mechanism used to allow the value of a variable or expression to change the control flow of program execution via a multiway branch.
As Oli says, there's not much more to do. n-50 is stored in %edx, then switch+0x11 jumps to the address stored in 0x80485d0 + %edx * 4. Looking at the table, that's switch+0x18 when n==50 or 52, switch+0x28 when n==51, switch+0x1d when n==53, switch+0x22 when n==54 and switch+0x25 when n==55.
155
The jump table has 6 values, 5 of which are distinct (thus, there are 5 cases, including the default at 0x8048448). The first and third (which correspond to 0x32 and 0x34) go to the first case, the second (0x33) to the last (fifth) case, the fourth (0x35) to the second case, the fifth (0x36) to the third case, and the sixth (0x37) to the fourth case. Everything else goes to the last (fifth) case, making that the default.
switch (n)
{
case 0x32:
case 0x34:
x <<= 2;
break;
case 0x35:
x >>= 2;
break;
case 0x36:
x *= 3;
case 0x37:
x *= x;
//case 0x33: // not really necessary
default:
x += 10;
}
return x;
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
