sub eax,0 - does it do anything?

assembly x86 reverse-engineering disassembly
10,317

Solution 1

The sub instruction sets flags (OF, SF, ZF, AF, PF, and CF, according to the documentation) - the mov instruction does not. The jz will jump only if the zero flag (ZF) is set, so if you want to jump based on the value in eax that flag has to be set appropriately.

Solution 2

The sub instruction will set the zero flag if its result is zero. In this case this means that the zero flag will be set if eax is zero.

So these three instructions check if [esp+fdwReason] is zero and jump to loc_10001038 in that case.

Share:
10,317
Filip Haglund
Author by

Filip Haglund

Polyglot programmer looking for big responsibilities in small teams. Enjoys everything large, distributed and parallel. Prefers simple and declarative programming languages (functonal, logic). Truly believes in the right tool for the right job. Startup mentality; always looking for the simplest thing that could possibly work, but also likes preparing for the future. I've seen too many people run their projects into the ground by not thinking ahead. Open to relocate almost anywhere, but prefers working remote. That's how I get more things done.

Updated on June 04, 2022

Comments

  • Filip Haglund
    Filip Haglund almost 2 years

    I just opened a file in IDA Pro and I found some code that looks completely useless. However, I thought it might have some use. Doesn't the sub eax,0 just subtract 0 from eax?

    The code: 

    hinstDLL= dword ptr  4  
fdwReason= dword ptr  8  
lpReserved= dword ptr  0Ch  

mov     eax, [esp+fdwReason]  
sub     eax, 0  
jz      short loc_10001038
  • Filip Haglund
    Filip Haglund about 12 years
    I thought you needed to use the TEST instruction for that. Thanks!
  • Carl Norum
    Carl Norum about 12 years
    test does do an implicit bitwise AND, but doesn't affect all of the same flags. From the test docs: "The OF and CF flags are set to 0. The SF, ZF, and PF flags are set according to the result... The state of the AF flag is undefined."

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How hard is it (really) to decompile assembly code?
What does this assembly code do? (TEST,XOR,JNZ)
Bomb lab phase 5 - 6 char string, movzbl load, and $0xf, %ecx, and index an array with that?
How might I convert Intel 80386 Machine Code to Assembly Language?
Binary Bomb phase 3 stuck
Switch Case Assembly Language
SAR command in X86 assembly with one parameter
JNZ & CMP Assembly Instructions
Need help understanding E8 asm call instruction x86
Identifying signed and unsigned values in assembly