disassembler output

[redoktober]

Heylo!

okay, i'm being noobish again!

i got my hands on a disassembler, and i've been playing with it, and i kinda like it!
is the assembly output it gives out accurate?
i mean, if i run it through an assembler, maybe MASM, will it work??

thankee!

[AJ]

Hi,

The output of a disassembler should be accurate, but you need to watch some things - firstly, do you mix 16, 32 and 64 bit code? If so, that can cause a problem. Also, the syntax of the disassembler needs to (obviously) be the same as the syntax of the assembler. So, for example, if you use ndisasm to disassemble, use nasm to assemble.

Cheers,
Adam

[Troy Martin]

Another thing to watch for is that strings may be corrupted. For example, take the following: db "Hello world!"

That will be transferred into assembly during a disassemble. When you re-assemble it, it may say something like: db "Helyo worhd!"

Keep that in mind and always disassemble to the bittedness the binary uses.

[whowhatwhere]

Be aware that most control transfer instructions are relative to the current PC. A disassembler might not make this apparent.

[bewing]

As said above, there can be significant alignment problems -- especially with data statements (ie. db, dw, dd, dq). If the original code had these statements and you disassemble the code, the disassembler will almost always try to interpret the data statements as code. Since they are usually not valid code, you will often get "illegal opcode" errors. Also, at the end of the data the disassembler will often incorrectly decode the next 5 or 10 opcodes before it gets properly realigned.

[redoktober]

okay.
well yeah, i'm only doing 32-bit code at present.
and yeah, sometimes, some of the strings do get re-arranged. VERY annoying.

thanks a lot, guys!