Difference between revisions of "Assembler:Commands:JMP"
Jump to navigation
Jump to search
(→Examples) |
|||
| (12 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | '''command''' jmp '' | + | [[Category:Assembler]] |
| + | '''command''' jmp ''size'' ''operand'' | ||
Jumps to the given operand (address). | Jumps to the given operand (address). | ||
| + | |||
| + | |||
| + | <div style="padding:2px;border:1px dashed #2f6fab;background-color:#f4f4f4;"> | ||
| + | Transfers program control to a different point in the instruction stream without recording return information. | ||
| + | The destination (target) operand specifies the address of the instruction being jumped to. | ||
| + | This operand can be an immediate value, a general-purpose register, or a memory location. | ||
| + | |||
| + | This instruction can be used to execute four different types of jumps: | ||
| + | ; Near jump | ||
| + | : A jump to an instruction within the current code segment (the segment currently pointed to by the CS register), sometimes referred to as an intrasegment jump. | ||
| + | ; Short jump | ||
| + | : A near jump where the jump range is limited to -128 to +127 from the current EIP value. | ||
| + | ; Far jump | ||
| + | : A jump to an instruction located in a different segment than the current code segment but at the same privilege level, sometimes referred to as an intersegment jump. | ||
| + | ; Task switch | ||
| + | : A jump to an instruction located in a different task. | ||
| + | |||
| + | [http://c9x.me/x86/html/file_module_x86_id_147.html c9x.me/x86/html/file_module_x86_id_147.html] | ||
| + | </div> | ||
| + | |||
=== Command Parameters === | === Command Parameters === | ||
| Line 8: | Line 29: | ||
!style="width: 80%;background-color:white;" align="left"|Description | !style="width: 80%;background-color:white;" align="left"|Description | ||
|- | |- | ||
| − | | | + | |size '''OPTIONAL''' |
|The preferred size of the assembled address | |The preferred size of the assembled address | ||
|- | |- | ||
| Line 35: | Line 56: | ||
jmp long someLabel // Jump to label with full address. | jmp long someLabel // Jump to label with full address. | ||
| − | |||
| − | + | ||
| + | Running this script in 32 bit mode: | ||
| + | globalAlloc(memTest, 0x200) | ||
| + | memTest: | ||
| + | add [eax],al // db 00 00 | ||
| + | add [eax],al | ||
| + | jmp short -4 | ||
| + | jmp short +2 | ||
| + | add [eax],al | ||
| + | testLbl: | ||
| + | add [eax],al | ||
| + | jmp 02EA0002 | ||
| + | add [eax],al | ||
| + | jmp eax | ||
| + | add [eax],al | ||
| + | jmp memTest | ||
| + | add [eax],al | ||
| + | jmp testLbl | ||
| + | add [eax],al | ||
| + | jmp short testLbl | ||
| + | add [eax],al | ||
| + | jmp long testLbl | ||
| + | add [eax],al | ||
| + | db 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 | ||
| + | |||
| + | [[File:Assembler.JMP.02.png]] | ||
Running this script in 64 bit mode: | Running this script in 64 bit mode: | ||
globalAlloc(memTest, 0x200) | globalAlloc(memTest, 0x200) | ||
| − | |||
memTest: | memTest: | ||
add [rax],al // db 00 00 | add [rax],al // db 00 00 | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
add [rax],al | add [rax],al | ||
add [rax],al | add [rax],al | ||
| Line 74: | Line 112: | ||
[[File:Assembler.JMP.01.png]] | [[File:Assembler.JMP.01.png]] | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | {{AssemblerCommandSeeAlso}} | |
| − | + | ||
| − | + | {{Template:AssemblerCommandExternalLinks}} | |
Latest revision as of 19:22, 1 September 2019
command jmp size operand
Jumps to the given operand (address).
Transfers program control to a different point in the instruction stream without recording return information. The destination (target) operand specifies the address of the instruction being jumped to. This operand can be an immediate value, a general-purpose register, or a memory location.
This instruction can be used to execute four different types of jumps:
- Near jump
- A jump to an instruction within the current code segment (the segment currently pointed to by the CS register), sometimes referred to as an intrasegment jump.
- Short jump
- A near jump where the jump range is limited to -128 to +127 from the current EIP value.
- Far jump
- A jump to an instruction located in a different segment than the current code segment but at the same privilege level, sometimes referred to as an intersegment jump.
- Task switch
- A jump to an instruction located in a different task.
Command Parameters[edit]
| Parameter | Description |
|---|---|
| size OPTIONAL | The preferred size of the assembled address |
| operand | The address or symbol to jump to |
Examples[edit]
jmp +1A // Jump from end of command to +1A (hex).
jmp 00123ABC // Jump to address.
jmp 0000123456ABCDEF // Jump to address.
jmp eax // Jump to value of eax.
jmp rax // Jump to value of rax.
jmp someSymbol // Jump to user defined symbol.
jmp someLabel // Jump to label.
jmp short someLabel // Jump to label with short byte code.
jmp long someLabel // Jump to label with full address.
Running this script in 32 bit mode:
globalAlloc(memTest, 0x200)
memTest:
add [eax],al // db 00 00
add [eax],al
jmp short -4
jmp short +2
add [eax],al
testLbl:
add [eax],al
jmp 02EA0002
add [eax],al
jmp eax
add [eax],al
jmp memTest
add [eax],al
jmp testLbl
add [eax],al
jmp short testLbl
add [eax],al
jmp long testLbl
add [eax],al
db 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
Running this script in 64 bit mode:
globalAlloc(memTest, 0x200)
memTest:
add [rax],al // db 00 00
add [rax],al
add [rax],al
jmp short -4
jmp short +2
add [rax],al
testLbl:
add [rax],al
jmp 01160002
add [rax],al
jmp rax
add [rax],al
jmp memTest
add [rax],al
jmp testLbl
add [rax],al
jmp short testLbl
add [rax],al
jmp long testLbl
add [rax],al
db 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
