I want to patch a UEFI PEI module of an older BIOS and I encountered a problem. I hex-edited it and inserted one function from another BIOS. Now I need to fix some offsets. These addresses are from the .data section and are some predefined values. I fixed most of them except these.

These are from the file disassembled with IDA, in the original code, with hex bytes:
    cmp byte_FFFAC358, 0FFh              80 3D 58 C3 FA FF FF
    mov ecx, offset byte_FFFAC358        B9 58 C3 FA FF
    mov cl, byte_FFFAC359[eax]           8A 88 59 C3 FA FF
    mov al, byte_FFFAC35A[eax]           8A 80 5A C3 FA FF
    lea ecx, byte_FFFAC358[eax]          8D 88 58 C3 FA FF
But in my BIOS module that data is located at a different address:

    0xFFFAC358 is at 0xFFFB60B4
    0xFFFAC359 is at 0xFFFB60B5
    0xFFFAC35A is at 0xFFFB60B6

I tried to fix this and the resulting code is:
    cmp byte ptr ds:unk_FFFB63B4, 0FFh   80 3D B4 60 FB FF FF
    mov ecx, offset byte_FFFB60B4        B9 B4 60 FB FF
    mov cl, ds:byte_FFFB60B5[eax]        8A 88 B5 60 FB FF
    mov al, ds:byte_FFFB60B6[eax]        8A 80 B6 60 FB FF
    lea ecx, byte_FFFB60B4[eax]          8D 88 B4 60 FB FF
The second and fifth lines seem OK. The third and fourth may also be OK, I'm not 100% sure. But for the first line there is an offset of 0x300 from what it must be.

I'm a newbie, so please enlighten me as to what I'm doing wrong.

I checked on dogbolt.org for that part of the code, 80 3D B4 60 FB FF FF:
    Hex-Rays:     if ( unk_FFFB63B4 != 0xFF )
    Ghidra:       if (DAT_fffb60b4 != -1)
    BinaryNinja:  char* ecx_1 = &data_fffb60b4
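
An added example, not part of the original post: a Python check that rewrites the 32-bit little-endian address field in the five encodings listed above using the post's address map, then decodes the patched bytes back to an address. The names `RELOC`, `ADDR_FIELD`, `read_addr` and `relocate` are hypothetical, and only the five instruction forms from the post are handled.

```python
import struct

# Address map taken from the post: old .data address -> address in the target module.
RELOC = {0xFFFAC358: 0xFFFB60B4, 0xFFFAC359: 0xFFFB60B5, 0xFFFAC35A: 0xFFFB60B6}

# Byte offset of the 32-bit address field for each opcode/ModRM prefix in the post
# (32-bit x86 encodings; any other instruction form is rejected).
ADDR_FIELD = {
    bytes.fromhex("803D"): 2,  # cmp byte ptr [disp32], imm8
    bytes.fromhex("B9"):   1,  # mov ecx, imm32
    bytes.fromhex("8A88"): 2,  # mov cl, [eax+disp32]
    bytes.fromhex("8A80"): 2,  # mov al, [eax+disp32]
    bytes.fromhex("8D88"): 2,  # lea ecx, [eax+disp32]
}

def addr_offset(insn: bytes) -> int:
    """Return where the 4-byte address starts inside the instruction."""
    for prefix, off in ADDR_FIELD.items():
        if insn.startswith(prefix) and len(insn) >= off + 4:
            return off
    raise ValueError(f"unsupported encoding: {insn.hex(' ')}")

def read_addr(insn: bytes) -> int:
    """Decode the little-endian address actually stored in the bytes."""
    return struct.unpack_from("<I", insn, addr_offset(insn))[0]

def relocate(insn: bytes) -> bytes:
    """Rewrite the address field using RELOC, leaving every other byte untouched."""
    old = read_addr(insn)
    if old not in RELOC:
        raise KeyError(f"no mapping for {old:#010x}")
    out = bytearray(insn)
    struct.pack_into("<I", out, addr_offset(insn), RELOC[old])
    return bytes(out)

# Original encodings, copied from the post.
ORIGINAL = [bytes.fromhex(h) for h in (
    "803D58C3FAFFFF", "B958C3FAFF", "8A8859C3FAFF", "8A805AC3FAFF", "8D8858C3FAFF")]

if __name__ == "__main__":
    for insn in ORIGINAL:
        new = relocate(insn)
        print(f"{insn.hex(' ').upper():22} -> {new.hex(' ').upper():22} "
              f"address field = {read_addr(new):#010X}")
```

For `80 3D B4 60 FB FF FF` the decoded address field is 0xFFFB60B4, the same value that appears in the Ghidra and Binary Ninja output quoted in the post.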