Does the code in Practical Reverse Engineering have an error, or am I misunderstanding the structure of the code?

I recently began to study assembly to do reverse engineering. I read Practical Reverse Engineering and saw the assembly code there:

loop_start:                           ; loop head; ebx = running index, edi = base of the structure
  mov eax, [edi+4]                    ; eax = dword at edi+4 -- this value is used as an ADDRESS on the next line
  mov eax, [eax+ebx*4]                ; eax = dword at (eax + ebx*4): [edi+4] holds a pointer to a dword array
                                      ; NOTE(review): a pointer at offset 4 matches `DWORD *array`, not an inline
                                      ; `DWORD array[]` (that would be [edi+4+ebx*4]) -- compare with the struct below
  test eax, eax                       ; ZF = (element == 0); eax is not modified
  ... //They also did the dots here
  jz short loc_7F627F                 ; element is zero -> skip the elided body and go straight to the increment
loc_7F627F:
  inc ebx                             ; i++
  cmp ebx, [edi]                      ; i vs. the dword at edi (the count); the test is at the bottom, so the body runs once before it
  jl short loop_start                 ; jl is a SIGNED compare: a count with its top bit set reads as negative and ends the loop

Then they said that this information should give us enough to decompile it into the following (I put the dots exactly where they did):

typedef struct _Foo
{
  DWORD size;                       /* the count at offset 0; it is what `cmp ebx, [edi]` reads */
  DWORD array[...];} FOO, *PFOO;    /* NOTE(review): declared inline at offset 4, but the asm loads the dword at
                                       edi+4 and then indexes THROUGH it -- confirm whether a pointer was intended */

  PFOO bar= ...;                    /* the base held in edi */

  for(i= ...; i < bar->size; i++)   /* inc ebx / cmp ebx, [edi] / jl short loop_start */
  {
    if(bar->array[i] != 0){         /* test eax, eax / jz short loc_7F627F */
    ...
  }
}

jz short loc_7F627F , eax , ... jz, jz? , eax, , , , ( , , ..., ZF), , , C-, .


:

loc_7F627F:                           ; target of the jz: reached after the body and also when the element was zero
inc ebx                               ; i++
cmp ebx, [edi]                        ; i vs. the dword at edi (the count)
jl short loop_start                   ; signed compare: keep looping while i < count

:

for(i= ?; i < bar->size; i++){     /* the ? is the unknown start value of ebx; only the increment and compare are visible */
    //do something
    }
}                                  /* NOTE(review): this brace has no matching open brace in the excerpt as quoted */

mov eax, [edi+4]                      ; load the dword at edi+4
mov eax, [eax+ebx*4]                  ; use it as the base of a dword array indexed by ebx
test eax, eax                         ; ZF set when that element is zero
... //They also did the dots here
jz short loc_7F627F                   ; zero -> skip the elided body

() :

if(bar->array[i] != 0){   /* `test eax, eax` on the loaded element; `jz` jumps past the body when it is zero */
  ...
}

.
... , array[i] <> 0 ... jz skip_to_next_loop_iteration, .

loc_7F627F ...; ... for.


Source: https://habr.com/ru/post/1668498/

