[SOLVED] [ASM] Some questions about the stack.

With no.Mute · 09-09-2010, 06:28 PM

I was hoping someone could explain to me, what is going on when you push something that is already on the stack?

Example:

Code:

pushl 8(ebp)

kbp · 09-09-2010, 07:21 PM

I use intel syntax but I think it means the same as 'push [ebp+8]' - you'll get another copy of it at the top of the stack -

eg.

before:

Code:

ebp +8       -> 0x00000008
ebp +4       -> 0x00000009
ebp          -> 0x0000000a
ebp -4       -> 0x0000000b
esp          -> 0x0000000c

after: pushl 8(ebp)

Code:

ebp +8       -> 0x00000008
ebp +4       -> 0x00000009
ebp          -> 0x0000000a
ebp -4       -> 0x0000000b
ebp -8       -> 0x0000000c
esp          -> 0x00000008

Please correct me if my gas -> intel interpretation is wrong

hth

With no.Mute · 09-09-2010, 07:28 PM

ok cheers, but why do that? i mean the data is already on the stack.

kbp · 09-09-2010, 08:34 PM

It's probably about to call another function and this argument needed to be passed through ..

pseudo code:

Code:

push arg2
push arg1
call myfunc_a
..
# inside myfunc_a
...
push [ebp+8]        # <- original myfunc_a:arg2 pushed (copied) to be validate_arg:arg1
call validate_arg

Depending on the calling convention, arguments may be expected in registers or on the stack - usually starting at [ebp+8] after the standard function preamble has modified ebp to create a new stack frame

You may need to post a bit more code for an accurate assessment

cheers

With no.Mute · 09-09-2010, 10:18 PM

ah ok i understand now thanks for clearing that up =]