How to compare two addresses in x86 assembly?

Question

I am trying to do some byte injection in a program to perform a specific task when ecx+5C is equal to a specific address which I supply an immediate value for. I'm trying to do something like the following: cmp [ecx+5C], 1D59D3BC. However I get an error. Does anyone know how I could compare a register+offset address to an immediate address in x86 assembly?

Take a look at [**Addressing in Assembler**](https://stackoverflow.com/questions/2364162/addressing-in-assembler) and grab the .pdf referenced in the answer. (the short answer to your questions is *remove the `[ ]`s* to compare the address -- instead of the value stored at that address....) — David C. Rankin, Jul 14 '17 at 21:24
Do you want to compare the addresses, or compare the memory contents pointed to by those addresses? Addresses are just like integers that you can compare with `cmp`, as Paul H says. (It usually makes most sense to check flags afterwards for above/below, rather than signed greater/less. nvm, you're just looking for equal) — Peter Cordes, Jul 14 '17 at 23:07

score 4 · Answer 1 · answered Jul 15 '17 at 13:55

I'm trying to do something like the following: cmp [ecx+5C], 1D59D3BC.
However I get an error.

Possible causes why this will fail:

You need to specify an hex prefix or suffix for the assembler to accept your instruction.
You need to specify the size of the operation. The assembler doesn't guess for you.

Try any of the following (depends on your assembler):

cmp dword ptr [ecx + 5Ch], 1D59D3BCh
cmp dword ptr [ecx + 0x5C], 0x1D59D3BC
cmp dword [ecx + 5Ch], 1D59D3BCh
cmp dword [ecx + 0x5C], 0x1D59D3BC

Does anyone know how I could compare a register+offset address to an immediate address in x86 assembly?

lea eax, [ecx + 5Ch]   ;put the address in EAX
cmp eax, 1D59D3BCh   ;compare with the immediate

But shorter as PaulH showed in a comment:

cmp ecx, 1D59D3BCh - 0000005Ch

How to compare two addresses in x86 assembly?

1 Answers1