3.3 Real Mode

Finally, in this chaptcr I'll present several examples that demonstrate how to

patch MS-DOS applications. These examples will establish general themes

with regard to patching system-level code that will recur throughout the rest

of the book. I'm hoping that the real-mode example that I walk through will

serve as a memento that provides you with a solid frame of reference from

which to interpret more complicated scenarios.

The Real-Mode Execution Environment

The current real-mode environment is based on the facilities of the 8086/88

processors (see Figure 3.6). Specifically, there are six segment registers,

four general registers, three pointer registers, two indexing registers, and a

FLAGS register. All of these registers are 16 bits in size.

The segment registers (CS, DS, SS, and ES) store segment selectors, the first

half of a logical address. The PS and GS registers also store segment selec¬

tors; they appeared in processors released after the 8086/88. Thus, a real-

mode program can have at most six segments active at any one point in time

(this is usually more than enough). The pointer registers (IP, SP, and BP) store

the second half of a logical address: effective addresses.

Bit 15

BitO

CS

Code Segment

DS

Data Segment

SS

Stack Segment

ES

Extra Segment

FS

Segment

GS

Segment

Segment

� Registers

All

AL

BH

BL

CH

CL

DH

DL

General

Registers

Bit 15

BitO

IP Instruction Pointer

SP

Slack Pointer

BP Stack Frame Pointer

SI

Source Index

DI

Destination Index

Bit 15

BitO

FLAGS Register

Pointer

Registers

Indexing

Registers

Figure 3.6

Parti I 65