Thread: Mixed Language: C and Asm


  1. #1
    tabstop (and the Hat of Guessing)
    Join Date: Nov 2007
    Posts: 14,336
    Also:
    Code:
    mov %ebp, %esp
    means "SAY GOODBYE TO THE STACK!!!!!" The whole purpose of the pops is to bring esp down while moving the clobbered registers back to what they're supposed to be. If you fiddle with esp, now you're popping the old ebp into eax, the eip (i.e., where to return to from this function) into edi, probably the [11] byte of one of your strings (depending which one was loaded where) into esi, the [10] byte of that string into ebp [eep!] and then using the [9] byte of the string as the return address to jump to with ret. And that's not going to be pleasant.
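    An added illustration of the scenario tabstop describes (this is not code from either poster, just a constructed model). It simulates a 32-bit stack in a C array, has the caller lay a 16-byte string on the stack and call a function whose prologue is push %ebp; mov %esp,%ebp; push %esi; push %edi; push %eax, then runs the epilogue pop %eax; pop %edi; pop %esi; pop %ebp; ret either as-is or with mov %ebp,%esp in front of it. The register values, the return address, the string and the stack size are all made up for the example; which string bytes land in which register depends on how the string was laid out, so in this layout it is bytes [0..3], [4..7] and [8..11] rather than [11], [10] and [9].

```c
#include <stdint.h>
#include <stdio.h>
#include <stdbool.h>
#include <inttypes.h>

/* Constructed model: a 256-byte x86-32 stack. esp and ebp are byte addresses
 * into mem[]; the stack grows toward lower addresses, as on real hardware. */
#define STACK_BYTES 256

typedef struct {
    uint32_t mem[STACK_BYTES / 4];
    uint32_t esp, ebp, eax, esi, edi;
} cpu_t;

/* push/pop move esp by 4, exactly like the x86 instructions do */
static void push(cpu_t *c, uint32_t v) { c->esp -= 4; c->mem[c->esp / 4] = v; }
static uint32_t pop(cpu_t *c)          { uint32_t v = c->mem[c->esp / 4]; c->esp += 4; return v; }

/* little-endian dword from four bytes, independent of the host's endianness */
static uint32_t le_dword(const char *p) {
    const unsigned char *u = (const unsigned char *)p;
    return (uint32_t)u[0] | (uint32_t)u[1] << 8 | (uint32_t)u[2] << 16 | (uint32_t)u[3] << 24;
}

/* Register state after the epilogue, plus the address that ret pops into eip */
typedef struct { uint32_t eax, esi, edi, ebp, esp, ret_target; } result_t;

static const uint32_t RETURN_ADDR = 0x08048123u;   /* constructed caller address */

/* Callee prologue: push %ebp ; mov %esp,%ebp ; push %esi ; push %edi ; push %eax
 * Epilogue:        [mov %ebp,%esp] pop %eax ; pop %edi ; pop %esi ; pop %ebp ; ret
 * The bracketed instruction runs only when move_ebp_to_esp is true. */
static result_t run_epilogue(bool move_ebp_to_esp) {
    cpu_t c = {0};
    c.esp = STACK_BYTES;
    c.ebp = 0xBFFF0000u;                         /* caller's frame pointer (constructed) */
    c.eax = 0x11111111u; c.esi = 0x22222222u; c.edi = 0x33333333u;

    /* Caller: push a 16-byte string last dword first, so bytes [0..3] sit at
     * the lowest address, directly above the return address. */
    const char msg[16] = "Hello, world!!!";     /* 15 chars + NUL, constructed */
    for (int i = 12; i >= 0; i -= 4)
        push(&c, le_dword(msg + i));
    push(&c, RETURN_ADDR);                       /* call pushes the return eip */

    push(&c, c.ebp);                             /* push %ebp */
    c.ebp = c.esp;                               /* mov %esp,%ebp */
    push(&c, c.esi);                             /* push %esi */
    push(&c, c.edi);                             /* push %edi */
    push(&c, c.eax);                             /* push %eax */

    /* Function body clobbers everything it promised to restore */
    c.eax = 0xAAAAAAAAu; c.esi = 0xBBBBBBBBu; c.edi = 0xCCCCCCCCu;

    if (move_ebp_to_esp)
        c.esp = c.ebp;                           /* mov %ebp,%esp: esp now points at the saved ebp */
    c.eax = pop(&c);                             /* pop %eax */
    c.edi = pop(&c);                             /* pop %edi */
    c.esi = pop(&c);                             /* pop %esi */
    c.ebp = pop(&c);                             /* pop %ebp */
    uint32_t target = pop(&c);                   /* ret: pops whatever esp points at into eip */

    result_t r = { c.eax, c.esi, c.edi, c.ebp, c.esp, target };
    return r;
}

static void show(const char *label, result_t r) {
    printf("%-22s eax=%08" PRIx32 " esi=%08" PRIx32 " edi=%08" PRIx32
           " ebp=%08" PRIx32 " esp=%" PRIu32 " ret->%08" PRIx32 "\n",
           label, r.eax, r.esi, r.edi, r.ebp, r.esp, r.ret_target);
}

int main(void) {
    show("pops only:", run_epilogue(false));
    show("mov %ebp,%esp first:", run_epilogue(true));
    return 0;
}
```

    With the pops alone, each pop adds 4 to esp, the three saved registers and ebp come back, and ret pops the real return address. With mov %ebp,%esp first, esp jumps straight to the saved ebp, so pop %eax gets the old ebp, pop %edi gets the return address, esi and ebp get "Hell" and "o, w", and ret jumps to "orld" (0x646c726f) read as an address. The instruction itself is the normal frame teardown (it is half of leave); what breaks things is running it before popping registers that were pushed after mov %esp,%ebp.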

  2. #2
    The Dragon Reborn
    Join Date: Nov 2009
    Location: Dublin, Ireland
    Posts: 629
    Wow, it worked, very cool. Thanks!

    I don't get it. The book I am using used it, and some tutorials.
    It says it frees the stack by restoring it to its original value.


    Quote Originally Posted by tabstop:
    The whole purpose of the pops is to bring esp down while moving the clobbered registers back to what they're supposed to be.

    Do you mean bring the esp up, as in esp+4 on every pop?

    Quote Originally Posted by tabstop:
    If you fiddle with esp, now you're popping the old ebp into eax, the eip (i.e., where to return to from this function) into edi, probably the [11] byte of one of your strings (depending which one was loaded where) into esi, the [10] byte of that string into ebp [eep!] and then using the [9] byte of the string as the return address to jump to with ret. And that's not going to be pleasant.

    What? Haha, how does that happen by simply moving %ebp to %esp? Crazy stuff!
    You ended that sentence with a preposition...Bastard!
