Stack -- Memory which holds register contents. Will keep the EIP of the next address after the call


Call without Parameter Value Transfer

What is involved?
- ESP (Stack Pointer Register): the stack grows by 4 bytes (ESP decreases by 4) to store EIP, the return address
- Stack: memory which holds register contents; it keeps the EIP of the next address after the call
- EIP (Instruction Pointer Register)
- call: pushes EIP (to keep the return address back to the main program); the new EIP value is the address of the procedure
- The procedure is executed; the result is stored in a register (e.g., EAX)
- ret: pops EIP (to restore the return address); ESP is restored to its original value and the stack is empty

Call without Parameter Value Transfer

Procedures with Value Parameters

- The main program calls a procedure
- The main program transfers the parameter values: it pushes the parameters
- The procedure receives (retrieves) them: it reads the parameters from the stack (by the EBP reference)
- The procedure may do a task or it may return a value
- A value is returned via a register (e.g., EAX)
- A value-returning procedure is sometimes called a function

Procedure Protocols for Stack Clean-Up

Two protocols for procedure handling:
- Cdecl ("C Declaration"): caller clean-up
- Stdcall ("Standard Call"): callee clean-up

Clean-up means moving the stack pointer back to its original position.

Cdecl ("C Declaration")

- Caller clean-up convention used by many C systems for the x86 architecture
- Default in Visual Studio
- Function parameters are pushed on the stack
- Function return values are returned in the EAX register
- Registers EAX, ECX, and EDX are available for use in the function
- The calling program cleans the stack after the function call returns

Stdcall (we use this in class)

- Callee clean-up convention
- A variation on the Pascal calling convention
- The callee is responsible for cleaning up the stack: Ret N, where N is added to ESP
- Parameters are pushed to the stack
- Registers EAX, ECX, and EDX are designated for use within the function
- Return values are stored in the EAX register
- Standard calling convention for the Microsoft Win32 API

Call with Parameter Value Transfer

What is involved?
- EBP (base pointer) is stored
- ESP is copied to EBP (to keep ESP): EBP is the reference for the parameter values
- Parameter values are pushed
- call: pushes EIP (to keep the return address back to the main program)
- Procedure: parameters are popped
- EBP is restored
- ret n: pops EIP (to restore the return address) and cleans the stack by ESP + n (Dword)

Implementing Value Parameters

- Parameter values are normally passed on the stack
- They are pushed in reverse order from the argument list

Example
Design or high-level code: sum := add2(value1, value2)
80x86 implementation (caller):

    push ECX          ; value2 in ECX
    push value1       ; dword value1 in memory
    call add2         ; call procedure add2
    mov  sum, EAX     ; sum in memory

Procedure Code

- Since the stack pointer ESP may change, a procedure starts by storing (pushing) the base pointer EBP on the stack
- This location is fixed until the procedure code restores EBP right before returning
- ESP is now copied (mov) to EBP
- In the procedure body, parameters are located relative to EBP
- Procedure code also saves the contents of registers if they are used locally within the procedure body
- Procedure code restores these registers before exit (ret)

Example Procedure

    add2 PROC               ; add two words passed on the stack
                            ; return the sum in the EAX register
        push EBP            ; save EBP
        mov  EBP, ESP       ; establish stack frame
        mov  EAX, [EBP+8]   ; copy first parameter value
        add  EAX, [EBP+12]  ; add second parameter value
        pop  EBP            ; restore EBP
        ret  8              ; return with ESP+8
    add2 ENDP

Stack Frame Upon Entry to Procedure add2 and After EBP Established in Entry Code

Structure of Procedure in Coding (Stdcall)

Procedure Example: CallAddTwo.asm (Stdcall)


CallAddTwo.asm, one instruction per slide:

    push EAX            ; for word1
    push EAX            ; for word2
    call AddTwo         ; note that EIP (for the return address) is stored on the stack
    push EBP
    mov  EBP, ESP       ; to save ESP
    mov  EAX, [EBP+12]
    add  EAX, [EBP+8]
    pop  EBP
    ret  8              ; add 8 to ESP

Manual Tracking of Stack, EIP, and ESP

Summary for Stdcall

MAIN CODE
1. Parameter values are passed on the stack
2. Call a procedure (this pushes the return address in EIP onto the stack)

PROCEDURE
1. Push EBP and copy ESP to EBP (EBP becomes the reference for retrieving the parameter values: a fixed location on the stack while ESP may vary)
2. Push register(s) if necessary
3. Retrieve parameter values referenced to EBP
4. Do the functions
5. Pop the register(s) if pushed
6. Pop EBP
7. Ret N (first, this pops the return address to EIP; second, N, which is the number of bytes pushed in the MAIN CODE, is added to ESP)

MAIN CODE
1. Continue with the next step.
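The stdcall sequence and the manual tracking of the stack, EIP and ESP, as an added example that is not part of the original slides: a toy Python model (not real machine code) that replays the CallAddTwo instructions, records ESP after each one, and captures the frame as seen from EBP, with the saved return address at [EBP+4]. The start addresses, the return address value, the sample words 5 and 7, and the `add ESP, n` caller clean-up used for the cdecl case are assumptions.

```python
# Added example: a toy model of the 32-bit stack, not real machine code.
# Start addresses, register values and the return address are constructed.
class Cpu:
    def __init__(self, esp=0x1000, ebp=0x2000):
        self.esp, self.ebp, self.eax = esp, ebp, 0
        self.mem = {}                      # address -> dword
        self.trace = []                    # (instruction, ESP afterwards)

    def push(self, value, note):
        self.esp -= 4                      # stack grows toward lower addresses
        self.mem[self.esp] = value & 0xFFFFFFFF
        self.trace.append((note, self.esp))

    def pop(self, note):
        value = self.mem[self.esp]
        self.esp += 4
        self.trace.append((note, self.esp))
        return value

def add_two(cpu, ret_n):
    """AddTwo body; ret_n is N in 'ret N' (8 for stdcall, 0 for cdecl)."""
    cpu.push(cpu.ebp, "push EBP")
    cpu.ebp = cpu.esp                      # mov EBP, ESP
    frame = {off: cpu.mem[cpu.ebp + off] for off in (0, 4, 8, 12)}
    cpu.eax = (cpu.mem[cpu.ebp + 12] + cpu.mem[cpu.ebp + 8]) & 0xFFFFFFFF
    cpu.ebp = cpu.pop("pop EBP")
    eip = cpu.pop("ret: pop EIP")          # return address goes back to EIP
    cpu.esp += ret_n                       # 'ret N' then adds N to ESP
    cpu.trace.append((f"ret {ret_n}: ESP += {ret_n}", cpu.esp))
    return eip, frame

def call_add_two(word1, word2, ret_n, caller_add, ret_addr=0x00401020):
    """Caller side; caller_add models 'add ESP, n' after the call (cdecl)."""
    cpu = Cpu()
    start = cpu.esp
    cpu.push(word1, "push EAX ; word1")
    cpu.push(word2, "push EAX ; word2")
    cpu.push(ret_addr, "call AddTwo ; push EIP")
    eip, frame = add_two(cpu, ret_n)
    cpu.esp += caller_add
    return {"eax": cpu.eax, "eip": eip, "frame": frame,
            "imbalance": cpu.esp - start, "trace": cpu.trace}

if __name__ == "__main__":
    for name, n, c in [("stdcall", 8, 0), ("cdecl", 0, 8), ("both clean", 8, 8)]:
        r = call_add_two(5, 7, n, c)
        print(name, "EAX =", r["eax"], "ESP imbalance =", r["imbalance"])
    for step, esp in call_add_two(5, 7, 8, 0)["trace"]:
        print(f"{step:26} ESP = {esp:#06x}")
```

An imbalance of 0 means caller and callee agree on who cleans the stack; when both clean up, or neither does, ESP ends 8 bytes away from where it started.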