Assembly Language for Beginners

1.8. PRINTF() WITH SEVERAL ARGUMENTS Non-optimizing GCC 4.4.5 Non-optimizing GCC is more verbose: Listing 1.56: Non-optimizing G ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS ; set 4th argument of printf(): .text:00000030 li $a3, 3 ; get address of printf(): .text:0 ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS ; pass 1st argument in $a0: lui $4,%hi($LC0) ; pass 9th argument in stack: li $2,8 # 0x8 sw ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS .text:00000054 li $a3, 3 ; function epilogue: .text:00000058 lw $ra, 0x38+var_4($sp) ; set ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS Listing 1.61: Non-optimizing GCC 4.4.5 (IDA) .text:00000000 main: .text:00000000 .text:0000 ...

1.8. PRINTF() WITH SEVERAL ARGUMENTS PUSH 3rd argument PUSH 2nd argument PUSH 1st argument CALL function ; modify stack pointer ...

1.9 scanf(). possible to create a hypothetical compiler able to pass arguments via a special structure without using stack at al ...

1.9. SCANF() Besides the fact that the function needs to indicate how many values were successfully read, it also needs to retur ...

1.9. SCANF() Here is a typicalstack framelayout in 32-bit environment: ... ... EBP-8 local variable #2, marked inIDAasvar_8 EBP- ...

1.9. SCANF() MSVC + OllyDbg Let’s try this example in OllyDbg. Let’s load it and keep pressing F8 (step over) until we reach our ...

1.9. SCANF() scanf()completed its execution already: Figure 1.13:OllyDbg:scanf()executed scanf()returns 1 inEAX, which implies t ...

1.9. SCANF() Later this value is copied from the stack to theECXregister and passed toprintf(): Figure 1.14:OllyDbg: preparing t ...

1.9. SCANF() This simple example is a demonstration of the fact that compiler translates list of expressions in C/C++- block int ...

1.9. SCANF() ; return 0 xor eax, eax add rsp, 24 ret ARM Optimizing Keil 6/2013 (Thumb mode) .text:00000042 scanf_main .text:000 ...

1.9. SCANF() 27 ldr w1, [x29,28] 28 ; W1=x 29 ; load pointer to the "You entered %d...\n" string 30 ; printf() will take text st ...

1.9. SCANF() j $31 addiu $sp,$sp,40 ; branch delay slot IDA displays the stack layout as follows: Listing 1.72: Optimizing GCC 4 ...

1.9. SCANF() So what happens here? xis not uninitialized and contains some random noise from local stack. When scanf()called, it ...

1.9. SCANF() In this case thexvariable is defined in the_DATAsegment and no memory is allocated in the local stack. It is access ...

1.9. SCANF() MSVC: x86 + OllyDbg Things are even simpler here: Figure 1.15:OllyDbg: afterscanf()execution The variable is locate ...

1.9. SCANF() In OllyDbg we can review the process memory map (Alt-M) and we can see that this address is inside the .dataPE-segm ...