Stack pointer add on loop

Question

Learning some reverse engineering, I came across some examples of loops in x86 assembly:

00401036        mov     [ebp+var_4], 0
0040103D        mov     [ebp+var_8], 0
00401044 loc_401044:
00401044        cmp     [ebp+var_4], 0
00401048        jnz     short loc_401063
0040104A        call    performAction
0040104F        mov     [ebp+var_8], eax
00401052        mov     eax, [ebp+var_8]
00401055        push    eax
00401056        call    checkResult
0040105B        add     esp, 4
0040105E        mov     [ebp+var_4], eax
00401061        jmp     short loc_401044

From my understanding, esp is the stack pointer, so why is 4 being added to the stack? It would make sense if this was a recursive call, but it's just a loop.

Answer 1

Score: 3

This is likely using the C calling convention, which is "caller cleans up". This convention allows for variable-argument functions like printf, where the callee does not know how many arguments are on the stack.

The whole bit you should look at is:

00401055        push    eax // argument for checkResult
00401056        call    checkResult
0040105B        add     esp, 4 // clean up the argument

The add could have been a pop eax, except the code is not interested in the value, so it just moves the stack pointer.
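As an added illustration (not part of the original answer), here is a small Python model of the stack while this loop runs; performAction and checkResult are stand-in functions and the starting esp value is constructed. It shows that esp comes back to the same value every iteration when the caller's add esp, 4 executes, and drifts down by 4 bytes per iteration when it does not.

```python
STACK_TOP = 0x0019FF80  # constructed starting esp; any dword-aligned value works


class Stack:
    # Just enough x86 stack to follow push / call / ret / add esp.
    def __init__(self, esp=STACK_TOP):
        self.esp = esp
        self.mem = {}  # dword address -> value

    def push(self, value):
        self.esp -= 4
        self.mem[self.esp] = value

    def pop(self):
        value = self.mem[self.esp]
        self.esp += 4
        return value

    def call(self, func, return_addr):
        # `call` pushes the return address and the callee's `ret` pops it,
        # so the callee leaves esp exactly where `call` found it.
        self.push(return_addr)
        eax = func(self)
        assert self.pop() == return_addr
        return eax


def perform_action(stack):
    return 7  # stand-in for performAction: some result in eax


def check_result(stack):
    # cdecl: the first argument sits just above the pushed return address.
    arg = stack.mem[stack.esp + 4]
    return 0 if arg == 7 else 1  # stand-in for checkResult: 0 keeps looping


def run_loop(iterations, caller_cleans_up=True):
    """Run the loop body `iterations` times; return esp drift in bytes."""
    s = Stack()
    var_4 = 0
    for _ in range(iterations):
        if var_4 != 0:  # cmp [ebp+var_4], 0 / jnz loc_401063
            break
        var_8 = s.call(perform_action, 0x0040104F)
        s.push(var_8)  # push eax: the argument for checkResult
        eax = s.call(check_result, 0x0040105B)
        if caller_cleans_up:
            s.esp += 4  # add esp, 4: discard the argument the caller pushed
        var_4 = eax
    return STACK_TOP - s.esp  # 0 when balanced, 4 per iteration if not
```

With the add esp, 4 left out, the argument pushed for each call stays on the stack and esp walks downward on every pass, which is the imbalance the question suspected but which the caller cleanup prevents.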

huangapple
  • Posted on 2023-06-05 04:27:06
  • Please keep this link when reposting: https://go.coder-hub.com/76402283.html