Quote:
Originally Posted by BlackWhite
[esp+4] is actually hWND which is ready to process the current message.
Thanks.
|
Well, taking a look at the Actual BP in your code
Code:
77D1872A or byte ptr [eax+FB4], 1
Here77D18731 call [ebp+8] There
77D18734 mov ecx, fs:[18]
In
Here ESP+4 Is indeed pointing at the right address but when you are at
There, ESP has changed because the call instruction pushes the return address into the stack.
So the question is, and I DO NOT know the answer off hand, does the Conditional gets evaluated before, during or after the call instruction??
I know that by design, 'Break on Read' or 'Break on Write' are evaluated AFTER the instruction at the bp has executed. . .