Old 02-07-2004, 17:22
Kythen
 
Ok, let's see if I can give you a hand here...

#1. align 4 is simply an assembler directive that indicates there is padding (junk bytes) to align the next data item onto a DWORD boundary (4 bytes).

#2. void is a term from C/C++ that in this case means there are no parameters to that function. void can also be used in C/C++ as a return type to indicate that the function does not return a value.

#3. Different high-level languages store strings in different ways. C/C++ style strings consist of the string data followed by a 0 (zero) byte. This 0 byte determines the end of the string.

#4. dd, dw, and db are all mnemonics used by most x86 assemblers to define data. dd = DWORD data (4-bytes), dw = WORD data (2-bytes), db = BYTE data (1-byte). You can define more than one data element per dd/dw/db line. OFFSET means that the data is an address of something else. sub_ is just a prefix IDA Pro uses for auto-naming subroutines (functions). unk_ is the prefix for data that IDA hasn't figured out the size or use of.

#5. Well, naturally there's always our best internet friend Google. However, I think some good books on C/C++ and x86 assembly should help you out a lot. hxxp://win32asm.cjb.net has a lot of good win32 assembly tutorials and a board where you can ask win32 asm questions.

Hope this helps!
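An added example, not part of the post above: a small Python decoder that walks a constructed block of data bytes the way the listing directives describe them (0-terminated C strings, `align 4` padding, then `dd`/`dw`/`db` items). The byte values, the `sub_401000` name and the helper function names are assumptions made up for illustration.

```python
import struct

# Constructed sample bytes, laid out the way a listing like this would show them:
#   db 'Hi!',0            ; C string: data followed by a 0 byte
#   db 'Hello',0          ; ends at offset 10, not a multiple of 4
#   align 4               ; 2 junk bytes bring the next item to offset 12
#   dd offset sub_401000  ; DWORD holding an address (hypothetical name)
#   dw 1234h              ; WORD
#   db 7Fh                ; BYTE
DATA = (b"Hi!\x00" + b"Hello\x00" + b"\xcc\xcc"
        + struct.pack("<IHB", 0x00401000, 0x1234, 0x7F))

SIZES = {"db": "<B", "dw": "<H", "dd": "<I"}  # x86 stores these little-endian


def read_cstring(buf, pos):
    """Return (text, next_pos); the string ends at the first 0 byte."""
    end = buf.find(b"\x00", pos)
    if end < 0:
        raise ValueError("no terminating 0 byte: not a complete C string")
    return buf[pos:end].decode("ascii"), end + 1


def align(pos, boundary=4):
    """Round pos up to the next multiple of boundary, as 'align 4' does."""
    return (pos + boundary - 1) // boundary * boundary


def read_item(buf, pos, directive):
    """Read one db/dw/dd element; return (value, next_pos)."""
    fmt = SIZES[directive]
    (value,) = struct.unpack_from(fmt, buf, pos)
    return value, pos + struct.calcsize(fmt)


def decode(buf):
    """Walk the sample layout and return what each directive defined."""
    first, pos = read_cstring(buf, 0)
    second, pos = read_cstring(buf, pos)
    aligned = align(pos)
    padding = aligned - pos
    dd, pos = read_item(buf, aligned, "dd")
    dw, pos = read_item(buf, pos, "dw")
    db, pos = read_item(buf, pos, "db")
    return {"strings": [first, second], "padding": padding,
            "dd": dd, "dw": dw, "db": db, "end": pos}


if __name__ == "__main__":
    print(decode(DATA))
```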