Assembly Language for Beginners

1.7. STACK Let’s load the example into OllyDbg: Figure 1.5:OllyDbg:f1() Whenf1()assigns the variablesa,bandc, their values are s ...

1.7. STACK And whenf2()executes: Figure 1.6:OllyDbg:f2() ...a,bandcoff2()are located at the same addresses! No one has overwritt ...

1.8 printf() with several arguments. _f1 ENDP Unlike MSVC 2010, MSVC 2013 allocated a/b/c variables in functionf2()in reverse or ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS In certain cases where several functions return right after one another, the compiler could ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS MSVC and OllyDbg Now let’s try to load this example in OllyDbg. It is one of the most popul ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Press F8 (step over) 6 times, i.e. skip 6 instructions: Figure 1.8:OllyDbg: beforeprintf()e ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Press F8 (step over). We see the following output in the console: a=1; b=2; c=3 Let’s see h ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Press F8 again to executeADD ESP, 10instruction: Figure 1.11:OllyDbg: afterADD ESP, 10instr ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Let’s try this example also inGDB^68 in Linux. -goption instructs the compiler to include d ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS debugging information, also saves a table of relations between source code line numbers and ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS eip 0x804844f 0x804844f <main+50> ... x64: 8 arguments To see how other arguments are ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Listing 1.46: Optimizing GCC 4.4.6 x64 .LC0: .string "a=%d; b=%d; c=%d; d=%d; e=%d; f=%d; g ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS rip 0x7ffff7a65f60 0x7ffff7a65f60 ... Listing 1.48: let’s inspect the format string (gdb) ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS r9 0x7ffff7a60134 140737348239668 r10 0x7fffffffd5b0 140737488344496 r11 0x7ffff7a95900 140 ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Optimizing Keil 6/2013 (ARM mode) + let’s remove return Let’s rework example slightly by re ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Next, we see the familiarADRP/ADDinstruction pair, which forms a pointer to the string.lo12 ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS So,SP+4is to be stored into theR12register. The nextSTMIA R12, R0-R3instruction writes regi ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS text:0000290C _printf_main2 text:0000290C text:0000290C var_1C = -0x1C __text:0000290C var_ ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS text:00002BCA 02 22 MOVS R2, #2 text:00002BCC 03 23 MOVS R3, #3 text:00002BCE CD F8 10 90 S ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Listing 1.54: Optimizing GCC 4.4.5 (assembly output) $LC0: .ascii "a=%d; b=%d; c=%d\000" ma ...