-2

does the compiler translate the address operator any different than a pointer?

I'm wondering because the decompiler sometimes shows me:

func_test(&a, &b[0x32*ebx])

which should be essentially the same as

func_test((_DWORD *)a,(_DWORD *)(b+0x32*ebx))

correct? I'm mildy confused by the arithmetic tbh. Does it have any special meaning having it shown this way or is this just to read it easier?

Sawb
  • 67
  • 4
  • 2
    The expressions involving `b` look equivalent, and the first one is simpler and more like LEA syntax. But the expressions involving `a` aren't; you're now casting the value to a pointer, instead of taking the address. This is more of a C question than asm. – Peter Cordes Aug 13 '20 at 04:29
  • 1
    Note that `&b[50 * ebx]` isn't something you can do in one LEA instruction; scale factors can only left-shift by 0..3 bits, not arbitrary multiply. Although a single LEA can multiply by 5 with `lea eax, [ebx + ebx*4]` – Peter Cordes Aug 13 '20 at 04:31
  • @Peter Cordes is this limited due to 4 bytes would 86_64 limit be 8 bytes? also it's still unclear to me if both ways are translated exactly the same way to assembly and if the decompiler just chose this way of showing for optic reasons – Sawb Aug 13 '20 at 04:52

1 Answers1

3

&a returns the address of a, while (_DWORD *)a forces the compiler to reinterpret the content of a as a pointer to a _DWORD. so the two expressions are fundamentally different.

It may be equivalent if a is an array of _DWORD (declared like _DWORD a[A_LENGTH];). In this case &a and a is essentially the same as a in pointer context degrades to a simple pointer, allthough the _DWORD * cast is redundant then.

The expression for b is equivalent.

vlad_tepesch
  • 6,681
  • 1
  • 38
  • 80