OllyDbg Plugin API

Expression

Expression calculates the value and, if available, the address of an arithmetical expression. The expression can include constants, registers, memory addresses and, to a limited extent, symbolic names, as well as all standard arithmetical operations, parentheses and the two parameters %A and %B. Both intuitive and formal descriptions of allowed expressions are in the file ollydbg.hlp. On success, Expression fills in the structure t_result and returns the length of the valid expression. On error (result->type==DEC_UNKNOWN) it returns the position of the error in the expression string and places the error message in result->value.

Note that starting from version 1.08, Expression() no longer reports the error "Extra characters on line". Unrecognized symbols remain unprocessed.

int Expression(t_result *result, char *expression, int a, int b, char *data, ulong database, ulong datasize, ulong threadid);

Parameters:

result - pointer to structure t_result that receives results of evaluation;

expression - input string containing expression to evaluate;

a - value of parameter %A;

b - value of parameter %B;

data - optional pointer to a copy of the memory of the debugged process. If data is not NULL and the expression accesses a variable in memory in the range from database to database+datasize, Expression takes the contents of memory from data; otherwise it reads the memory of the debugged process. This saves time, especially if you evaluate multiple expressions;

database - address of data in memory space of debugged process;

datasize - size of data;

threadid - identifier of the thread whose registers will be used in evaluation of the expression. If threadid is 0 and the expression includes a register, Expression reports an error.
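
A strict wrapper around the return-value convention described above, as an added example that is not part of the OllyDbg SDK or of the original page: because trailing unrecognized text is left unprocessed rather than reported since version 1.08, the caller compares the returned length with the input string. The cut-down t_result, the DEC_UNKNOWN value, eval_strict, the EXPR_* codes and fake_expression are constructed stand-ins so the block runs without the SDK; a real plugin includes plugin.h and passes Expression itself.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins so this compiles without the SDK; a real plugin
   includes plugin.h and uses its t_result, DEC_UNKNOWN and Expression(). */
#define DEC_UNKNOWN 0            /* assumed value, take it from plugin.h */
typedef struct { int type; char value[256]; } t_result;   /* cut-down */
typedef int (*expr_fn)(t_result *, char *, int, int, char *,
                       unsigned long, unsigned long, unsigned long);

enum { EXPR_OK, EXPR_ERROR, EXPR_TRAILING };   /* hypothetical result codes */

/* Evaluate text. *pos receives the consumed length on success, the error
   position on error, or the offset of the first unprocessed character. */
static int eval_strict(expr_fn eval, char *text, unsigned long threadid,
                       t_result *res, int *pos) {
  int n = eval(res, text, 0, 0, NULL, 0, 0, threadid);
  *pos = n;
  if (res->type == DEC_UNKNOWN) return EXPR_ERROR;  /* message in res->value */
  while (isspace((unsigned char)text[n])) n++;      /* allow trailing blanks */
  if (text[n] != '\0') { *pos = n; return EXPR_TRAILING; }
  return EXPR_OK;
}

/* Constructed stand-in evaluator: accepts one decimal constant only. */
static int fake_expression(t_result *r, char *s, int a, int b, char *data,
                           unsigned long base, unsigned long size, unsigned long tid) {
  int i = 0;
  (void)a; (void)b; (void)data; (void)base; (void)size; (void)tid;
  while (isdigit((unsigned char)s[i])) i++;
  if (i == 0) { r->type = DEC_UNKNOWN; strcpy(r->value, "Constant expected"); return 0; }
  r->type = 1;                   /* any type other than DEC_UNKNOWN */
  return i;                      /* length of the valid expression */
}

int main(void) {
  char samples[][8] = { "1234", "1234 ", "1234 zz", "zz" };  /* constructed */
  for (int i = 0; i < 4; i++) {
    t_result r; int pos;
    int rc = eval_strict(fake_expression, samples[i], 0, &r, &pos);
    printf("%-8s rc=%d pos=%d\n", samples[i], rc, pos);
  }
  return 0;
}
```

In a plugin that evaluates user-supplied conditions, treating EXPR_TRAILING as a rejection prevents a mistyped expression from being silently evaluated as its valid prefix.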

See also: Checkcondition, t_result