Label: jmp
The assembler’s JMP command is a branch command. Executing the command (jmp assembler) leads to the current processor’s execution point change. The execution point (corresponding to the value of EIP register, or a RIP one for 64-bit systems) is the address of the next instruction in the memory that the processor must execute during the next step.
JMP command types
There are several types of the JMP assembler command. They differ in the maximum distance to which a jump (far jump / short jump) can be carried out, and depending on whether a value of one of the processor’s segment registers is going to be used during the transition. The “jmp” command type (management transfer command) determines the length of sequence of the bytes that are required to encode an instruction. When using a macroassembler, a jump instruction type is set by “short” (short jump) and “far” (long jump) prefixes:
; jmp assembler MASM command
jmp short Label1
jmp far ptr Label2
// Or the same via an assembler insertion in C / C ++
_asm {
jmp short Label1
jmp far ptr Label2
}
Encoding a command
If the transition address is set by a label, the command is coded by two or five bytes (nine in the case of 64-bit systems), depending on the length of the transition. The offset is calculated relative to the next instruction address after the jmp instruction. You can assemble or disassemble a jmp command for x86 using the form below:
Instruction address: Address for transition:
Distance: short far
Instruction code:
Test proc
...
a_10000000h: jmp short t_10000010h ;
...
t_10000010h:
Test endp
Functions call interception via replacement of header bytes by JMP or CALL instructions
