How can I convert an address to a 16 bit code segment (CS register)? For example, if the .text segment starts at 00E51000, how is the CS register computed for that segment? This question is specific to 32bit x86 architecture.
Asked
Active
Viewed 517 times
0
-
2I saw your other question, and I'm not quite sure what you mean by this. I'm wondering there is an XY problem here. My question is that you seem to be trying to achieve something specific or trying to solve a problem. What is the problem you are really trying to solve, and maybe we can better help give a response. Is this related to Windows debugging? Bootloader/OSDev development? Is this related to IDA/IDA Pro? – Michael Petch Feb 10 '19 at 02:37
1 Answers
3
In 32-bit mode, you can (and usually should) always use a CS value that references a GDT entry with base=0 / limit=-1. If you're running in user-space under a mainstream OS, your process will already start with that being the case. In fact, DS/ES/SS will be set up the same way, i.e. a flat memory model. (FS or GS might have a non-zero base for thread-local storage.)
Then you can reference memory in that section/segment with offset = 0x00E51000. e.g. mov eax, 0x00E51234 / jmp eax.
With DS/ES/SS also being 0 / -1, you have a flat memory model where mov eax, [0x00E51234] loads the same bytes that you would have jumped to.
Peter Cordes
- 328,167
- 45
- 605
- 847