
I'm trying to understand what this subroutine does. It goes like this:

```
sub_407690 proc near
jmp     ds:dword_415764
sub_407690 endp
```

dword is defined as

```
dword_415764    dd 1702Ch
```

So what I understand is that it jumps to the address of the data segment + 1702Ch. But how do I know what is in the data segment register? I am using IDA Pro, and when I click on dword_415764 it simply goes to its definition, but I want to jump to the location where that jmp leads. Please help me understand this. And I would appreciate it if you gave me some resources to educate myself in this area, because I couldn't find anything on Google.

Simon Rusinov
  • You can ignore `ds` in flat memory model. Also, no, the `ds` applies to the `dword_415764` not the `1702Ch` contained within, which will use `cs` as it's a near jump. – Jester Jan 21 '22 at 22:07
  • Thanks for your answer but could you explain in more detail? I still don't understand the exact address where the jump will be made. @Jester – Simon Rusinov Jan 21 '22 at 22:15
  • Set a breakpoint there and single-step it if you're unsure what the new EIP will be after this executes. (Assuming this is part of something you can actually run. If not, you could write your own toy example using a memory-indirect jump and see how IDA disassembles it and how it runs.) – Peter Cordes Jan 21 '22 at 22:21
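
The memory-indirect jump discussed in the comments above, emulated as an added example that is not part of the original question or its comments. The memory image is constructed from the two items in the question, the `FF 25` byte encoding is the standard 32-bit form of `jmp dword ptr [disp32]`, and a flat memory model (all segment bases 0) is assumed; `MEMORY`, `SEG_BASE`, `read` and `step_indirect_jmp` are hypothetical names.

```python
import struct

# Constructed 32-bit memory image holding only the two items from the question.
# Keys are linear addresses, values are the bytes stored there.
MEMORY = {
    0x407690: bytes.fromhex("FF2564574100"),  # jmp ds:dword_415764
    0x415764: struct.pack("<I", 0x1702C),     # dword_415764 dd 1702Ch
}

# Assumption: flat memory model, so every segment base is 0.
SEG_BASE = {"cs": 0, "ds": 0}


def read(addr, size):
    """Read `size` bytes at linear address `addr` from the constructed image."""
    for base, blob in MEMORY.items():
        if base <= addr and addr + size <= base + len(blob):
            return blob[addr - base:addr - base + size]
    raise ValueError(f"unmapped address {addr:#x}")


def step_indirect_jmp(eip):
    """Emulate one `jmp dword ptr ds:[disp32]` (opcode FF /4, ModRM 25h)."""
    opcode, modrm = read(eip, 2)
    if opcode != 0xFF or modrm != 0x25:
        raise ValueError("not a jmp dword ptr [disp32]")
    (disp32,) = struct.unpack("<I", read(eip + 2, 4))
    # ds qualifies only the address of the pointer slot (dword_415764).
    slot = SEG_BASE["ds"] + disp32
    # The dword stored in the slot becomes the new EIP; it is not added to ds.
    (new_eip,) = struct.unpack("<I", read(slot, 4))
    # A near jump keeps cs, so execution continues at cs base + new EIP.
    return {"slot": slot, "new_eip": new_eip,
            "linear_target": SEG_BASE["cs"] + new_eip}


if __name__ == "__main__":
    result = step_indirect_jmp(0x407690)
    print(f"pointer slot : {result['slot']:#x}")
    print(f"new EIP      : {result['new_eip']:#x}")
    print(f"linear target: {result['linear_target']:#x}")
```

The dword emulated here is the value IDA shows in the static file; a debugger shows what the slot holds at run time, which can differ if something writes to it before the jump executes.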
