69A8AB13 int 3
69A8AB14 int 3
69A8AB15 mov edi,edi
69A8AB17 push ebp
69A8AB18 mov ebp,esp
mov edi,edi doesn't make sense for me,what's it for?
views:
148answers:
1
+14
A:
It's a 2 byte NOP instruction. It gets included at the beginning of any function in an image compiled with the /hotpatch option:
http://msdn.microsoft.com/en-us/library/ms173507.aspx
-scott
snoone
2010-09-16 15:27:05
What's NOP instruction for?
COMer
2010-09-16 15:30:45
NOP stands for "no operation", which means it does effectively nothing.
Joachim Sauer
2010-09-16 15:32:19
@COMer, you would know, if you read the link that @snoone provided.
Strelok
2010-09-16 15:32:27
It's a "no operation", in other words it doesn't do anything at all. It just provides some space at the beginning of the function so that the hotpatching support in the O/S has some place to put a Detours style hook. Two bytes is actually only enough space for a short relative jump, so some space is also added before the function as well (the hook will do a short jump to a location before the function that does a long jump).
snoone
2010-09-16 15:34:28