Here's a simple hello world file:
#include <stdio.h>

int main() {
    printf("hello, world\n");
    return 0;
}
Here is the instruction to load the address of a string from the .rodata
section into a register:
lea rax, str.hello__world ; hit0_0; 0x2004 ; "hello, world"
Because we are moving an address into a 64-bit register, we're using this form of LEA:
REX.W + 8D /r | LEA r64,m | Store effective address for m in register r64
The hex dump of the instruction is:
- offset - 0 1 2 3 4 5 6 7 8 9 A B C D E F 0123456789ABCDEF
0x00001151 488d 05ac 0e00 0048 89c7 e8f0 feff ffb8 H......H........
So, the instructions look like:
REX.W: 0x48 ; 0x40 + the W bit is toggled
8D : 0x8D ; 8D is the instruction itself
/r : 0x05 ; I would be unable to get this without looking at the disassembly
; I'm guessing the offset is of wiki os dev
Here's the string for hello, world:
- offset - 0 1 2 3 4 5 6 7 8 9 A B C D E F 0123456789ABCDEF
0x00002004 6865 6c6c 6f2c 2077 6f72 6c64 0000 0000 hello, world....
How do I calculate 0x2004 as the offset? I'm fairly sure the address begins at 0xac and the 0x05 is part of the offset.
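An added example, not part of the original post: a small C decoder for the seven bytes at 0x1151 in the dump above. It splits the ModRM byte into its mod/reg/rm fields, reads the four bytes after it as a little-endian signed disp32, and adds that to the address of the next instruction, which is how RIP-relative addressing is resolved. The function name `decode_lea_rip` is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decode "REX.W 8D /r" (LEA r64, m) when ModRM selects RIP-relative
 * addressing. Returns 0 and fills *reg / *target on success, -1 otherwise.
 * Hypothetical helper written for this example. */
static int decode_lea_rip(const uint8_t *code, size_t len, uint64_t addr,
                          unsigned *reg, uint64_t *target)
{
    if (len < 7)
        return -1;                      /* REX + opcode + ModRM + disp32 */
    if ((code[0] & 0xF8) != 0x48)       /* REX prefix with W=1 (0x48..0x4F) */
        return -1;
    if (code[1] != 0x8D)                /* LEA opcode */
        return -1;

    uint8_t modrm = code[2];
    unsigned mod = modrm >> 6;          /* bits 7..6 */
    unsigned r   = (modrm >> 3) & 7;    /* bits 5..3: destination register */
    unsigned rm  = modrm & 7;           /* bits 2..0 */

    if (mod != 0 || rm != 5)            /* mod=00, rm=101 => [RIP + disp32] */
        return -1;

    /* disp32 is stored little-endian and is signed */
    uint32_t raw = (uint32_t)code[3] | (uint32_t)code[4] << 8 |
                   (uint32_t)code[5] << 16 | (uint32_t)code[6] << 24;
    int32_t disp = (int32_t)raw;

    /* RIP already points at the next instruction when the address is formed */
    uint64_t next = addr + 7;
    *reg = r | ((code[0] & 0x04) ? 8 : 0);   /* REX.R extends the reg field */
    *target = next + (uint64_t)(int64_t)disp;
    return 0;
}

int main(void)
{
    /* Bytes at 0x1151, copied from the hex dump in the post */
    const uint8_t insn[] = { 0x48, 0x8d, 0x05, 0xac, 0x0e, 0x00, 0x00 };
    unsigned reg;
    uint64_t target;

    if (decode_lea_rip(insn, sizeof insn, 0x1151, &reg, &target) == 0)
        printf("reg=%u target=0x%llx\n", reg, (unsigned long long)target);
    return 0;
}
```

For the bytes in the post, ModRM 0x05 decodes to mod=00, reg=000 (rax), rm=101, the displacement is 0x00000eac, and the next instruction starts at 0x1158.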