Re: [colorforth] How to recreate the 31 July color.com
- Subject: Re: [colorforth] How to recreate the 31 July color.com
- From: albert@xxxxxxxxxxxxxxxxxx (Albert van der Horst)
- Date: Sat, 23 Feb 2008 13:08:07 +0100
On Fri, Feb 22, 2008 at 06:11:41PM -0700, John Comeau wrote:
<SNIP>
>
> I ran byte-by-byte and assembler-line-by-assembler-line comparisons
> until I got everything but the actual numeric opcodes the same; GNU's
> "as" and MASM just choose different variants.
I'm very proud that my reverse engineering system doesn't
have that problem, but of course it is written in Forth.
It distinguishes between
MOV, T| BX| R| AX'|
and
MOV, F| AX| R| BX'|
(move register ax from bx, move register bx to ax)
which are actually different opcodes in Intel.
I used the same comparison technique as you.
If you imagine that you have multi megabyte executables, the opcode
problem could become unbearable.
More on my site below. Choose FTP, then pub then colorforth.
Groetjes Albert
--
Albert van der Horst, UTRECHT,THE NETHERLANDS
Economic growth -- like all pyramid schemes -- ultimately falters.
albert@spe&ar&c.xs4all.nl &=n http://home.hccnet.nl/a.w.m.van.der.horst
---------------------------------------------------------------------
To unsubscribe, e-mail: colorforth-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: colorforth-help@xxxxxxxxxxxxxxxxxx
Main web page - http://www.colorforth.com
