Endianness

When reading or writing data to memory, we use the registers or memory to process them as BYTE, WORD, DWORD, or even QWORD. Depending on the platform or program, data is read in little-endian or big-endian form.

In little-endian, a chunk of data read into a DWORD is reversed. Let's take the following piece of data as an example:

AA BB CC DD

When the data on a file or memory looks like this, in little-endian format, it will be read as DDCCBBAAh in a DWORD value. This endianness is common to Windows applications.

In the big-endian system, the same chunk of data will be read as AABBCCDDh. The advantage of using the big-endian form arises when reading streaming data such as file, serial, and network streams.

The advantage of reading in little-endian is that the address you read it from remains fixed, regardless of whether it is read as BYTE, WORD, or DWORD. For example, consider the following:

Address       Byte
0x00000000    AA
0x00000001    00
0x00000002    00
0x00000003    00

In the preceding example, we attempt to read the data from address the 0x00000000 address. When read as BYTE, it will be AAh. When read as a WORD, it will be AAh. When read as a DWORD, it will be AAh.

But when in big endian, when read as a BYTE, it will be AAh. When read as a WORD, it will be AA00h. When read as a DWORD, it will be AA000000h.

There are actually a lot more advantages over the other. Either of these can be used by an application depending on its purpose. In x86 assembly, the little-endian format is the standard.