.: Study Of MS C++ Function Calls And Stack Analysis :.
By Nicholas Hall


/*
 * Returns its first argument unchanged; b and c are accepted but never read.
 *
 * In the OllyDbg listing that follows, a is loaded from [EBP+8]: after
 * PUSH EBP / MOV EBP,ESP the saved EBP sits at [EBP] and the return address
 * pushed by CALL at [EBP+4], so the first argument is the next dword up.
 * The SUB ESP,40 and the REP STOS of CCCCCCCC (CC is the INT3 opcode byte
 * seen in the padding) are the debug build filling the unused local area;
 * they are not part of the function's logic.
 */
int test(int a, int b, int c)
{
return a; /* MOV EAX,DWORD PTR SS:[EBP+8] */
}

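/*
 * Driver for the stack-analysis example: sets a=1, b=2, c=4, calls test()
 * and discards its result, then returns 0. argc and argv are unused.
 *
 * Fix: the original declared `int a, int b,int c;`, which does not compile
 * (the type is written once per declaration list); it is `int a, b, c;`.
 *
 * In the listing that follows: the locals live at [EBP-4], [EBP-8] and
 * [EBP-C]; they are pushed right to left (c, then b, then a); the CALL goes
 * through the incremental-link thunk at 0040100A, which JMPs to test; and
 * ADD ESP,0C after the call is the caller discarding the 12 bytes of
 * arguments (cdecl, caller cleanup). CMP EBP,ESP followed by CALL __chkesp
 * is the debug build's stack-pointer sanity check before the epilogue.
 */
int main(int argc, char* argv[])
{
    int a, b, c;
    a = 1;
    b = 2;
    c = 4;   /* NOTE(review): the OllyDbg listing shows immediate bytes
                03 00 00 00 for this store while disassembling it as 4; the
                later VC listing shows 04 00 00 00, so the first listing
                appears to have been hand-edited. */
    test(a,b,c);   /* return value deliberately ignored */
    return 0;
}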

00401005   $ E9 46000000    JMP DebugThi.main
0040100A   $ E9 11000000    JMP DebugThi.test
0040100F     CC             INT3
00401010     CC             INT3
00401011     CC             INT3
00401012     CC             INT3
00401013     CC             INT3
00401014     CC             INT3
00401015     CC             INT3
00401016     CC             INT3
00401017     CC             INT3
00401018     CC             INT3
00401019     CC             INT3
0040101A     CC             INT3
0040101B     CC             INT3
0040101C     CC             INT3
0040101D     CC             INT3
0040101E     CC             INT3
0040101F     CC             INT3
00401020 >/> 55             PUSH EBP
00401021  |. 8BEC           MOV EBP,ESP
00401023  |. 83EC 40        SUB ESP,40
00401026  |. 53             PUSH EBX
00401027  |. 56             PUSH ESI
00401028  |. 57             PUSH EDI
00401029  |. 8D7D C0        LEA EDI,DWORD PTR SS:[EBP-40]
0040102C  |. B9 10000000    MOV ECX,10
00401031  |. B8 CCCCCCCC    MOV EAX,CCCCCCCC
00401036  |. F3:AB          REP STOS DWORD PTR ES:[EDI]
00401038  |. 8B45 08        MOV EAX,DWORD PTR SS:[EBP+8]
0040103B  |. 5F             POP EDI
0040103C  |. 5E             POP ESI
0040103D  |. 5B             POP EBX
0040103E  |. 8BE5           MOV ESP,EBP
00401040  |. 5D             POP EBP
00401041  \. C3             RETN
00401042     CC             INT3
00401043     CC             INT3
00401044     CC             INT3
00401045     CC             INT3
00401046     CC             INT3
00401047     CC             INT3
00401048     CC             INT3
00401049     CC             INT3
0040104A     CC             INT3
0040104B     CC             INT3
0040104C     CC             INT3
0040104D     CC             INT3
0040104E     CC             INT3
0040104F     CC             INT3
00401050 >/> 55             PUSH EBP
00401051  |. 8BEC           MOV EBP,ESP
00401053  |. 83EC 4C        SUB ESP,4C
00401056  |. 53             PUSH EBX
00401057  |. 56             PUSH ESI
00401058  |. 57             PUSH EDI
00401059  |. 8D7D B4        LEA EDI,DWORD PTR SS:[EBP-4C]
0040105C  |. B9 13000000    MOV ECX,13
00401061  |. B8 CCCCCCCC    MOV EAX,CCCCCCCC
00401066  |. F3:AB          REP STOS DWORD PTR ES:[EDI]
00401068  |. C745 FC 010000>MOV DWORD PTR SS:[EBP-4],1
0040106F  |. C745 F8 020000>MOV DWORD PTR SS:[EBP-8],2
00401076  |. C745 F4 030000>MOV DWORD PTR SS:[EBP-C],4
0040107D  |. 8B45 F4        MOV EAX,DWORD PTR SS:[EBP-C]
00401080  |. 50             PUSH EAX
00401081  |. 8B4D F8        MOV ECX,DWORD PTR SS:[EBP-8]
00401084  |. 51             PUSH ECX
00401085  |. 8B55 FC        MOV EDX,DWORD PTR SS:[EBP-4]
00401088  |. 52             PUSH EDX
00401089     E8 7CFFFFFF    CALL DebugThi.0040100A
0040108E  |. 83C4 0C        ADD ESP,0C
00401091  |. 33C0           XOR EAX,EAX
00401093  |. 5F             POP EDI
00401094  |. 5E             POP ESI
00401095  |. 5B             POP EBX
00401096  |. 83C4 4C        ADD ESP,4C
00401099  |. 3BEC           CMP EBP,ESP
0040109B  |. E8 20000000    CALL DebugThi.__chkesp
004010A0  |. 8BE5           MOV ESP,EBP
004010A2  |. 5D             POP EBP
004010A3  \. C3             RETN

---------------------------------------------------------------------------

/*
 * Returns its third argument; a and b are never read.
 *
 * Compared with the `return a;` variant, only the load changes: it becomes
 * MOV EAX,[EBP+10]. The arguments are 4 bytes apart (a at [EBP+8], b at
 * [EBP+C], c at [EBP+10]) because main pushes each one as a dword, right to
 * left, so the third argument is the highest address. Prologue, debug fill
 * and epilogue are byte-for-byte the same as before.
 */
int test(int a, int b, int c)
{
return c; /* MOV EAX,DWORD PTR SS:[EBP+10] */
}

00401020 >/> 55             PUSH EBP
00401021  |. 8BEC           MOV EBP,ESP
00401023  |. 83EC 40        SUB ESP,40
00401026  |. 53             PUSH EBX
00401027  |. 56             PUSH ESI
00401028  |. 57             PUSH EDI
00401029  |. 8D7D C0        LEA EDI,DWORD PTR SS:[EBP-40]
0040102C  |. B9 10000000    MOV ECX,10
00401031  |. B8 CCCCCCCC    MOV EAX,CCCCCCCC
00401036  |. F3:AB          REP STOS DWORD PTR ES:[EDI]
00401038  |. 8B45 10        MOV EAX,DWORD PTR SS:[EBP+10]
0040103B  |. 5F             POP EDI
0040103C  |. 5E             POP ESI
0040103D  |. 5B             POP EBX
0040103E  |. 8BE5           MOV ESP,EBP
00401040  |. 5D             POP EBP
00401041  \. C3             RETN


---------------------------------------------------------------------------

/*
 * Stores a + b into the parameter c and returns that value.
 *
 * The listing shows the assignment is a real memory store, not optimised
 * away: ADD EAX,[EBP+C] then MOV [EBP+10],EAX writes into the argument slot
 * that main pushed, and the value is reloaded from there for the return.
 * That slot is main's pushed copy of c, sitting just above the saved EBP at
 * [EBP] and the return address at [EBP+4]; main's own local c lives at
 * [EBP-C] in main's frame and is untouched, which is why the fourth
 * example's `d = c;` reloads [ebp-0Ch] and still sees the original value.
 */
int test(int a, int b, int c)
{
c = a + b; /* MOV EAX,[EBP+8]; ADD EAX,[EBP+C]; MOV [EBP+10],EAX */
return c;  /* MOV EAX,[EBP+10] */
}

00401020 >/> 55             PUSH EBP
00401021  |. 8BEC           MOV EBP,ESP
00401023  |. 83EC 40        SUB ESP,40
00401026  |. 53             PUSH EBX
00401027  |. 56             PUSH ESI
00401028  |. 57             PUSH EDI
00401029  |. 8D7D C0        LEA EDI,DWORD PTR SS:[EBP-40]
0040102C  |. B9 10000000    MOV ECX,10
00401031  |. B8 CCCCCCCC    MOV EAX,CCCCCCCC
00401036  |. F3:AB          REP STOS DWORD PTR ES:[EDI]
00401038  |. 8B45 08        MOV EAX,DWORD PTR SS:[EBP+8]
0040103B  |. 0345 0C        ADD EAX,DWORD PTR SS:[EBP+C]
0040103E  |. 8945 10        MOV DWORD PTR SS:[EBP+10],EAX
00401041  |. 8B45 10        MOV EAX,DWORD PTR SS:[EBP+10]
00401044  |. 5F             POP EDI
00401045  |. 5E             POP ESI
00401046  |. 5B             POP EBX
00401047  |. 8BE5           MOV ESP,EBP
00401049  |. 5D             POP EBP
0040104A  \. C3             RETN


---------------------------------------------------------------------------
/*
 * Same as the previous example: writes a + b into the parameter c and
 * returns it. The write lands in the caller's pushed argument slot
 * ([EBP+10] in test's frame), not in main's local c, so main still reads
 * its own value afterwards; the Visual C++ listing below shows that
 * `d = c;` reloads [ebp-0Ch] from main's frame.
 */
int test(int a, int b, int c)
{
c = a + b;
return c;
}

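/*
 * Same driver as before, with two lines added after the call: a new local d
 * that copies c. This is the source for the Visual C++ mixed listing that
 * follows (its source line numbers 12-22 map onto this definition, one
 * statement per line). argc and argv are unused; d is written but never
 * read, which matches the listing (a store to [ebp-10h] and nothing more).
 *
 * Fix: `int a, int b,int c;` is not a valid declaration; it is
 * `int a, b, c;`. The arrows that marked the added lines are kept as
 * comments so they no longer break the source.
 *
 * Note the frame grows from 4Ch (previous listing) to 50h to make room for
 * d, and the REP STOS fill count rises from 13h to 14h dwords accordingly.
 */
int main(int argc, char* argv[])
{
    int a, b, c;
    a = 1;
    b = 2;
    c = 4;
    test(a,b,c);
    int d;   /* <---- only these two lines were added */
    d = c;   /* <----^  reloads [ebp-0Ch], main's own c, untouched by test() */
    return 0;
}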

12:   int main(int argc, char* argv[])
13:   {
00401050 55                   push        ebp
00401051 8B EC                mov         ebp,esp
00401053 83 EC 50             sub         esp,50h
00401056 53                   push        ebx
00401057 56                   push        esi
00401058 57                   push        edi
00401059 8D 7D B0             lea         edi,[ebp-50h]
0040105C B9 14 00 00 00       mov         ecx,14h
00401061 B8 CC CC CC CC       mov         eax,0CCCCCCCCh
00401066 F3 AB                rep stos    dword ptr [edi]
14:       int a, int b,int c;
15:       a = 1;
00401068 C7 45 FC 01 00 00 00 mov         dword ptr [ebp-4],1
16:       b = 2;
0040106F C7 45 F8 02 00 00 00 mov         dword ptr [ebp-8],2
17:       c = 4;
00401076 C7 45 F4 04 00 00 00 mov         dword ptr [ebp-0Ch],4
18:       test(a,b,c);
0040107D 8B 45 F4             mov         eax,dword ptr [ebp-0Ch]
00401080 50                   push        eax
00401081 8B 4D F8             mov         ecx,dword ptr [ebp-8]
00401084 51                   push        ecx
00401085 8B 55 FC             mov         edx,dword ptr [ebp-4]
00401088 52                   push        edx
00401089 E8 7C FF FF FF       call        @ILT+5(test) (0040100a)
0040108E 83 C4 0C             add         esp,0Ch
19:       int d;
20:       d = c;
00401091 8B 45 F4             mov         eax,dword ptr [ebp-0Ch]
00401094 89 45 F0             mov         dword ptr [ebp-10h],eax
21:       return 0;
00401097 33 C0                xor         eax,eax
22:   }
00401099 5F                   pop         edi
0040109A 5E                   pop         esi
0040109B 5B                   pop         ebx
0040109C 83 C4 50             add         esp,50h
0040109F 3B EC                cmp         ebp,esp
004010A1 E8 1A 00 00 00       call        __chkesp (004010c0)
004010A6 8B E5                mov         esp,ebp
004010A8 5D                   pop         ebp
004010A9 C3                   ret
 
