Results 1 to 2 of 2

Thread: Ollydbg v1.10 and 6E/6F/A6 opcodes, a little oversight

  1. #1
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17

    Ollydbg v1.10 and 6E/6F/A6 opcodes, a little oversight

    Just yesterday a new version of Ollydbg was released, but I’m still using the old 1.10 version. It’s a really good debugger and until some days ago I did it on few errors inside the disasm engine, nothing compared with Ida's bug btw. Look here:

    0047C720 6E OUTS DX,BYTE PTR ES:[EDI]
    0047C721 6F OUTS DX,DWORD PTR ES:[EDI]


    According to Intel Manual’s opcode map 0×6E is defined as “OUTS/OUTSB DX, Xb”.
    The first operand is DX register, and the second one is defined as an “Xb” operand.
    X: memory addressed by DS: (E)SI
    b : byte, regardless of operand-size attribute
    The error is obvious, Ollydbg shows EDI instead of ESI.

    There’s something similar with A6 opcode. Ollydbg v1.10 shows:
    004012FA A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
    but the right line is:
    004012FA A6 CMPS BYTE PTR DS:[EDI],BYTE PTR ES:[ESI]

    It’s an oversight on X and Y addressing method.
    The errors occour in v1.10 only, v2 shows the right instructions. I asked to Olly (Oleh Yuschuk) and he kindly replied: “Unfortunately, I will not correct it in 1.10…This project is closed, and I don’t want to make any modifications.”. Ok, I’ll switch to v2.
    Last edited by ZaiRoN; April 20th, 2008 at 18:05.

  2. #2
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Hehe, you've become quite the binary code master after coding that disasm engine ZaiRoN. Keep up the good work anyway.
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

Similar Threads

  1. IDA disasms reserved opcodes, is it a bug?
    By ZaiRoN in forum Blogs Forum
    Replies: 3
    Last Post: April 9th, 2008, 15:41
  2. The REAL meaning of opcodes!
    By Zero in forum Off Topic
    Replies: 1
    Last Post: July 10th, 2005, 14:16
  3. Ollydbg F7
    By warf in forum OllyDbg Support Forums
    Replies: 3
    Last Post: February 12th, 2005, 04:03
  4. Patching .NET opcodes
    By Mr_BlacK in forum The Newbie Forum
    Replies: 23
    Last Post: April 2nd, 2004, 11:36
  5. code opcodes interpreted by OD as data???
    By Anonymous in forum OllyDbg Support Forums
    Replies: 1
    Last Post: March 31st, 2003, 15:30

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •