assembly question - am I missing something?

Discussion in 'Assembly Language Programming (ALP) Forum' started by 3jg13, Sep 29, 2011.

  1. 3jg13

    3jg13

    Sep 29, 2011
    I am very confused about this one item I am looking at doing some reversing for.

    Here is the line in IDA:
    cmp [ebp+8], offset unk4323
    jnz loc3434

    To me, this will compare the contents inside (ebp+8) and compare to the global unk4323. If not the same, then it will jump to loc3434. Is that right? Because if it is, that's not what I am seeing. I have attached a debugger and examined the contents of both and they are definitely not the same (I even zero-ed the global unk4323). But the cmp instruction always sets the Zero flag and never causes the jmp to occur.

    ebp+8: b4 42 a9 8a
    unk4323: 00 00 00 00

    The cmp instruction with these values sets the zero flag

    Am I missing something here?

    Please advise. Thanks.

