Make eax = 1 using two bytes(intel)

开发者_运维百科This question may sound weird, but it's needed for injecting code to a binary.

Can you think of a way to make eax equal to 1, without depending on content like carry flag or others, other registers etc ?

But in 2 bytes only. 3 is easy and it can be done in many ways, but can it be done with 2 ?

I suspect you mean 2 bytes, not 2 opcodes. If you really mean 2 opcodes, then the following 3-byte alternatives come to mind:

  xor eax, eax
  inc eax

  sub eax, eax
  inc eax

I can't immediately think of a two-byte sequence that would do the equivalent - I suspect there are none.

mov $1, %eax
nop

Good enough for you? :)

If you really meant two bytes, not two opcodes, you may have a hard time with those constraints. I'd look at the surrounding code with an eye to whether there's anything you can take advantage of (eg, execute code in the middle of other code, etc). Or find a way to get more code space.