issuhub.com

Assembly Language for Beginners

(nextflipdebug2) #1 
3.19. NEGATIVE ARRAY INDICES

35 mov ecx, DWORD PTR _fakearray$[ebp]
36 ; ecx=address of fakearray[0], ecx+1 is fakearray[1] or array[0]
37 movzx edx, BYTE PTR [ecx+1]
38 push edx
39 push OFFSET $SG2751 ; 'first element %d'
40 call _printf
41 add esp, 8
42 mov eax, DWORD PTR _fakearray$[ebp]
43 ; eax=address of fakearray[0], eax+2 is fakearray[2] or array[1]
44 movzx ecx, BYTE PTR [eax+2]
45 push ecx
46 push OFFSET $SG2752 ; 'second element %d'
47 call _printf
48 add esp, 8
49 mov edx, DWORD PTR _fakearray$[ebp]
50 ; edx=address of fakearray[0], edx+10 is fakearray[10] or array[9]
51 movzx eax, BYTE PTR [edx+10]
52 push eax
53 push OFFSET $SG2753 ; 'last element %d'
54 call _printf
55 add esp, 8
56 ; subtract 4, 3, 2 and 1 from pointer to array[0] in order to find values before array⤦
Ç[]
57 lea ecx, DWORD PTR _array$[ebp]
58 movzx edx, BYTE PTR [ecx-4]
59 push edx
60 lea eax, DWORD PTR _array$[ebp]
61 movzx ecx, BYTE PTR [eax-3]
62 push ecx
63 lea edx, DWORD PTR _array$[ebp]
64 movzx eax, BYTE PTR [edx-2]
65 push eax
66 lea ecx, DWORD PTR _array$[ebp]
67 movzx edx, BYTE PTR [ecx-1]
68 push edx
69 push OFFSET $SG2754 ; 'array[-1]=%02X, array[-2]=%02X, array[-3]=%02X, array[-4]=%02⤦
ÇX'
70 call _printf
71 add esp, 20
72 xor eax, eax
73 mov esp, ebp
74 pop ebp
75 ret 0
76 _main ENDP


So we havearray[]of ten elements, filled with 0 : : : 9 bytes.

Then we have thefakearray[]pointer, which points one byte beforearray[].

fakearray[1]pointsexactlytoarray[0]. Butwearestillcurious, whatistherebeforearray[]? Wehave

addedrandom_valuebeforearray[]and set it to0x11223344. The non-optimizing compiler allocated

the variables in the order they were declared, so yes, the 32-bitrandom_valueis right before the array.

We ran it, and:

first element 0

second element 1

last element 9

array[-1]=11, array[-2]=22, array[-3]=33, array[-4]=44

Here is the stack fragment we will copypaste from OllyDbg’s stack window (with comments added by the

author):

Listing 3.120: Non-optimizing MSVC 2010

CPU Stack

Address Value

001DFBCC /001DFBD3 ; fakearray pointer

001DFBD0 |11223344 ; random_value

001DFBD4 |03020100 ; 4 bytes of array[]

001DFBD8 |07060504 ; 4 bytes of array[]
Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.