I came across the following lines of code:
assume esi:ptr IMAGE_NT_HEADERS
lea esi,[esi].OptionalHeader
and for the second day I can’t figure it out: 1.why you don’t need to specify the data type before ptr here.
2.why assume with ptr is used here. I read that this directive requires a data type, but I don't quite understand how it works. I studied masm on a dos system, and there this directive connected two registers, what it does here - I do not quite understand.
Why can't you just refer to IMAGE_NT_HEADERS as:
lea esi, [IMAGE_NT_HEADERS].OptionalHeader
in Windows, a flat model is used and there is no need to bind segment registers and IMAGE_NT_HEADERS is a regular structure or did I misunderstand?