Address != Offset

[XTZGZoReX]

Just thought I'd throw a terminology nazi on you folks.

An address is an absolute location in memory. An offset is a displacement from an absolute address.

Just sayin'.

[sitnspinlock]

and where did such infraction occur at :P

[_Mike]

And an offset from zero is effectively an absolute address.

[Cypher]

And an offset from zero is effectively an absolute address.

^ This.

Nazi fail by OP.

[XTZGZoReX]

^ This.

Nazi fail by OP.

If you're writing 0x0 + 0xdeadbeef in your code, you're retarded.

and where did such infraction occur at :P

About every new person who comes here with zero knowledge (see: info dump threads).

[Azzie2k8]

If you're writing 0x0 + 0xdeadbeef in your code, you're retarded.



About every new person who comes here with zero knowledge (see: info dump threads).

Well basicly an address is just a special case of an offset like a square is a rectangle for example but not the other way around. So you should probably say Offset != Address.

[Cypher]

If you're writing 0x0 + 0xdeadbeef in your code, you're retarded.



About every new person who comes here with zero knowledge (see: info dump threads).

It's not about how you express your addresses/offsets in your code, it's about the semantics of the terms. It's simply the fact that absolute addresses CAN be expressed as offsets. You were implying that the two terms are mutually exclusive, when they are not. Stop trying to troll, you're bad at it, and in this case you're wrong anyway.

[Robske]

If you're writing 0x0 + 0xdeadbeef in your code, you're retarded.

Hmm, lets look at your definition of an offset shall we?

An offset is a displacement from an absolute address.

Sooooo.... 0x0 is NOT an absolute address?

I'm curious, what do you think is posted in those dump threads? Addresses or offsets?

[_Mike]

I'm curious, what do you think is posted in those dump threads? Addresses or offsets?

Addroffses obviously

And besides; ASLR (and even virtual memory in a way) invalidates the OP's argument even more.
When people talk about offsets, they are actually talking about.. waait for it.. offsets.

[gononono64]

If you do not know the difference between an address and an offset, you should not be snooping in the dump anyways nor on this forum section. Thats right all you noobs (that like to message me) reading this thread to figure it out! Go away and read a few books!

[schlumpf]

And what about 0x0 (as you call it address) being just an offset into your thread's memory?

[eLaps]

interesting thread...

[Apoc]

So what determines where 'absolute 0' starts from? Is it 0x0? Or the image base?

Also; is an offset of 0x0 from 0x0 still an offset? Or an address?

MY MIND HAS BEEN BLOWN

[XTZGZoReX]

I suppose some clarification is needed....

What constitutes an absolute address obviously depends on your viewpoint. From an application point of view, an address is the image base plus an offset into the virtual memory. From an OS point of view, that is an offset (depending on its implementation...obviously). I think it's safe to say that the development going on in this forum does not go OS-level, so for all practical purposes, the result of image base plus offset might as well be an absolute address here, and is what I'm going to assume in the rest of this post.

And an offset from zero is effectively an absolute address.

The resulting value, yes. The act of saying 0x0 + <something>, no. That's offsetting, and <something> is the offset, which is what I'm getting at. In the end, a value is not an offset unless it's used as the offset in an offsetting expression...

Sooooo.... 0x0 is NOT an absolute address?

I don't think I said it wasn't. 0x0 alone is as much an absolute address as 0xffffffff is.

It's not about how you express your addresses/offsets in your code, it's about the semantics of the terms. It's simply the fact that absolute addresses CAN be expressed as offsets. You were implying that the two terms are mutually exclusive, when they are not.

They can be expressed as the result of a base plus an offset, yes, or simply a full, absolute value. Just taking the offset part of a base + offset expression and calling it both an absolute address and an offset is not valid. The moment you're using it as an absolute address, it no longer takes part in an offsetting expression, and thus...is not an offset. So yes, they are very much mutually exclusive.

You can represent an absolute address as the result of an offsetting expression, but an absolute address is not an offset, which is what my thread title is saying.

Also; is an offset of 0x0 from 0x0 still an offset? Or an address?

Per definition, it still is an offsetting expression, even if this is a bit of an edge case. The result would be an address (although, probably not a very useful one).

I'm curious, what do you think is posted in those dump threads? Addresses or offsets?

Since ASLR was enabled in WoW, offsets. Before that, absolute addresses (image base (0x400000) plus offset). Quite obviously.

You seem to be assuming that I'm implying 'offset' is the incorrect term for what's currently posted in those info dump threads. I didn't say that. On the contrary, calling what's currently posted addresses would be wrong, which is actually what I'm getting at. Maybe you should be a bit less hasty with jumping the "lol ASLR noob" bandwagon.

And besides; ASLR (and even virtual memory in a way) invalidates the OP's argument even more.
When people talk about offsets, they are actually talking about.. waait for it.. offsets.

Virtual memory invalidates my statements so far completely if we're looking from an OS point of view, but there's no reason you would need to in this forum of all places, as already stated. ASLR does not invalidate my argument; ASLR simply defers finding the absolute address to runtime. I don't quite see how this relates to my statements so far.

My entire point with this thread is that incorrect terminology leads to confusion (as was very effing evident in this forum after WoW's switch to ASLR), and that it needs to be fixed. This obviously means that this thread doesn't even target any of the people who have replied so far, but rather, newcomers.

Hopefully this clarification helps with getting that simple point across.

[MaiN]

But the point is that an offset is a value that is relative to another value. An absolute address is a value that is relative to 0. Therefore an absolute address is just as much an offset as an RVA, for instance, because an absolute address is relative to 0.