xorpd assembly riddle 0x01

Nov 13, 2018 · 2 min read

xorpd has some riddle-like pieces of assembly code here. In this post, I’ll analyze the second one.

So, here’s the code:

xadd rax,rdx
loop .loop

What’s going on here?

The mnemonic xadd means Exchange and Add, each round rdx will have the value rax had and rax will be equal to rax+rdx.

Let’s imagine some initial values for rax and rdx:

CASE rax = 0, rdx = 0ROUND 1 => rax = 0, rdx = 0
ROUND N => rax = 0, rdx = 0

Not much, uh? How about changing one of their initial values to 1:

CASE rax = 1, rdx = 0ROUND 1 => rax = 1, rdx = 1
ROUND 2 => rax = 2, rdx = 1
ROUND 3 => rax = 3, rdx = 2
ROUND 4 => rax = 5, rdx = 3
ROUND 4 => rax = 8, rdx = 5
ROUND 4 => rax = 13, rdx = 8
ROUND 4 => rax = 21, rdx = 13
rax = X[i], rdx = X[i-1]

This pattern looks a lot like the Fibonacci sequence.

Since we are not provided with the initial values of ecx, rax and rdx we cannot infer the exact result or how many times will the loop be executed. But I can imagine this chunk of code as being the main part of a function that returns the final value of a Fibonacci-like sequence given two initial values and a number of rows. Something like this:

func getFibonacci(int a, int b, inc cycles): int result

Or a snippet from a plain-old Fibonacci sequence implementation, of course


Shellcode for the masses


Written by


Twitter: @syscall59 | medium.syscall59.com | syscall59@protonmail.com



Shellcode for the masses

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade