My assignment is to debug a binary bomb and I am wondering what this line of assembly is doing, specifically with the -0x4(%esi,%ebx,4):
add -0x4(%esi,%ebx,4),%eax
Here is the whole code as well. In it there is a loop which I am trying to figure out.
0x08048e90 <+0>: push %ebp
0x08048e91 <+1>: mov %esp,%ebp
0x08048e93 <+3>: push %esi
0x08048e94 <+4>: push %ebx
0x08048e95 <+5>: sub $0x30,%esp
0x08048e98 <+8>: lea -0x20(%ebp),%eax
0x08048e9b <+11>: mov %eax,0x4(%esp)
0x08048e9f <+15>: mov 0x8(%ebp),%eax
0x08048ea2 <+18>: mov %eax,(%esp)
0x08048ea5 <+21>: call 0x80493ab <read_six_numbers>
0x08048eaa <+26>: cmpl $0x0,-0x20(%ebp)
0x08048eae <+30>: jns 0x8048eb5 <phase_2+37>
0x08048eb0 <+32>: call 0x8049351 <explode_bomb>
0x08048eb5 <+37>: mov $0x1,%ebx
0x08048eba <+42>: lea -0x20(%ebp),%esi
0x08048ebd <+45>: mov %ebx,%eax
0x08048ebf <+47>: add -0x4(%esi,%ebx,4),%eax
0x08048ec3 <+51>: cmp %eax,(%esi,%ebx,4)
0x08048ec6 <+54>: je 0x8048ecd <phase_2+61>
=> 0x08048ec8 <+56>: call 0x8049351 <explode_bomb>
0x08048ecd <+61>: add $0x1,%ebx
0x08048ed0 <+64>: cmp $0x6,%ebx
0x08048ed3 <+67>: jne 0x8048ebd <phase_2+45>
0x08048ed5 <+69>: add $0x30,%esp
0x08048ed8 <+72>: pop %ebx
0x08048ed9 <+73>: pop %esi
0x08048eda <+74>: pop %ebp
0x08048edb <+75>: ret
Edit:
I ended up figuring it out. Thank you everyone!
The solution is 1 2 4 7 11 16, which I figured out by analyzing the loop but also by analyzing %eax during the compare statements to see what the value should be.
From Figure 3.3, CSAPP:
+------------+-------------+---------------------------+---------------+
| Type | Form | Operand Value | Name |
+------------+-------------+---------------------------+---------------+
| Memory |Imm(Eb,Ei,s) |M[Imm + R[Eb]+ R[Ei] * s] |Scaled indexed |
+------------+-------------+---------------------------+---------------+
So the answer is to access the memory position which is the result of the value in register %esi plus the value in register %edi multiplied by 4, minus 4, and to add the value in that memory to register %eax.
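An added example, not part of the original question or answer: a C reconstruction of the loop in the question's listing, reading the operand as written there (base %esi, index %ebx, scale 4, displacement -4). The function names and the `nums` array are assumptions made for illustration; `nums` stands for the six integers stored at -0x20(%ebp).

```c
#include <stdint.h>
#include <stdio.h>

/* Effective address of disp(base,index,scale): disp + base + index*scale. */
static uintptr_t effective_address(uintptr_t base, uintptr_t index,
                                   unsigned scale, intptr_t disp)
{
    return base + index * scale + (uintptr_t)disp;
}

/* C equivalent of the checks in the listing. Returns 1 when neither
 * call to explode_bomb would be reached, 0 otherwise. */
static int phase_2_accepts(const int32_t nums[6])
{
    if (nums[0] < 0)                        /* cmpl $0x0,-0x20(%ebp); jns */
        return 0;
    for (int32_t i = 1; i != 6; i++) {      /* %ebx runs from 1 to 5 */
        /* mov %ebx,%eax ; add -0x4(%esi,%ebx,4),%eax
         * 32-bit wraparound add, as the CPU performs it */
        int32_t expected = (int32_t)((uint32_t)i + (uint32_t)nums[i - 1]);
        /* cmp %eax,(%esi,%ebx,4) ; je */
        if (nums[i] != expected)
            return 0;
    }
    return 1;
}

/* Checks that -0x4(%esi,%ebx,4) is the address of nums[ebx - 1]
 * when %esi holds the address of nums[0]. */
static int operand_is_previous_element(const int32_t nums[6], int ebx)
{
    uintptr_t esi = (uintptr_t)nums;
    return effective_address(esi, (uintptr_t)ebx, 4, -4)
           == (uintptr_t)&nums[ebx - 1];
}

int main(void)
{
    const int32_t answer[6] = {1, 2, 4, 7, 11, 16}; /* from the question's edit */
    const int32_t wrong[6]  = {1, 2, 4, 7, 11, 17}; /* constructed input */
    printf("answer accepted: %d\n", phase_2_accepts(answer));
    printf("wrong accepted:  %d\n", phase_2_accepts(wrong));
    printf("operand is &nums[ebx-1] for ebx=3: %d\n",
           operand_is_previous_element(answer, 3));
    return 0;
}
```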