Assembly language basics 2-Introduction to various addressing and process access

Command marking method

Prefix instruction [operand 1], [operand 2]; Comment

Note that the memory cannot be used as the destination and source operands at the same time.

 

Operands

The operands of General commands can be 0 ~ 2.

Implicit operand-implicit operands

Implicit operands are specified by the instruction itself. CLI and STI are such commands that do not need to be specified. The CLI and STI commands set and clear the interrupt flag in the eflags register. CLI and STI always operate on that bit.

Register addressing-register operands

That is, the instruction uses the value in the register as the source or destination operand.

Call EDI; EDI contains address to call

MoV eax, EBX; eax <-EBX eax = destination EBX = Source

INC eax; eax = eax + 1-eax = source and destination

 

Immediate-immediate operands

The immediate number is a part of the instruction and specifies the value of the operand directly. Immediate count allows you to set a constant to a variable or reference a fixed memory address.

MoV eax, 177; load eax with 177

MoV Cl, 0ffh; load CL with 255

Call 12341234 h; call routine at location 12341234 H

 

Io operands-I/O operands

Io operands are not in user modeProgram. Io commands are used to reference devices in Io map. These include most hardware devices such as pics, serial ports, parallel ports, and disk controllers.

In Al, 04 H; read Port location 4 into Al register

Out 04 H, Al; write Al register to Port location 4

 

Memory Reference operations

Memory-referenced operands are the methods for obtaining the value of an operand through many memory addressing methods.

1. Absolute addressing-direct addressing

The address itself is used as the operand. This is used to point out the fixed address occupied by the program, such as the global variable of the instance.

MoV Al, [12341234 H]

Inc dword ptr [12341234 H]

2. Indirect addressing-based addressing

Registers are used to store addresses as operands. This is often used to parse the variables pointed to by pointers.

MoV Al, [ECx]

Dec dword ptr [esi]

3. Indirect addressing with offset-base plus displacement addressing

Similar to indirect addressing, the difference is that an additional offset must be added to the register address. This method is used to access the variables in a structure. The pointer in the register points to the starting address of this structure, and the displacement allows reference to the correct structure element. This method is better than having to direct the pointer directly to every element to be accessed, becauseCodeTo access multiple elements of a struct. In this way, the pointer value in the register only needs to be set once, and only the offset can be changed.

Lea edX, [esp + 0x4]

MoV ECx, [EBP-0x10]

4. base address + offset addressing-Index Plus displacement addressing

This addressing method is the same as indirect addressing with an offset. The difference is that the Register is exchanged with the fixed offset role. Now the base address is a fixed position, plus an offset in the register. This method is mainly used to access elements in arrays in static memory.

MoV eax, 1234124 H [esi]

5. Address Change Addressing-base plus displacement Plus index addressing

This is an addressing method mixed by multiple addressing methods. It combines the previous two methods. Used to access the address declared on the stack or dynamically allocated on the stack. The register points to the base address, the other registers save offset, and a fixed offset can be included.

MoV eax, [EBP + 8] [esi]

INC word PTR [EBX + eax * 2]

Process call entry and exit

When you enter and exit a program, the Representative stack frame will be created so that the program can easily access parameters and local variables. The intel processor uses the EBP and ESP registers to complete this task. The following information shows how a stack framework is created when a subfunction is called.

 

Procedure Call

MoV eax, argument 1; load eax with value of argument 1

Push eax; push first argument onto Stack

Call sub1

Before calling a function, the parameter is pushed to the stack. Break down the push command and it does the following:

ESP <-ESP-4; Decrement Stack pointer

SS: [esp] <-operand; load operand into location pointed to by ESP

Break down the call command. The following is the call command:

Push EIP; push return address on Stack

EIP <-destination; EIP set to first instruction on the sub1 routine

The stack should look like this:

????
EIP (that is, the return value)	<-	ESP
Argument 1
????

Process entry

The typical process entry looks like this:

Push EBP; Save the base pointer

MoV EBP, esp; Setup new stack frame

Sub ESP, 24; Allocate local variables

Three things happened. First, we saved the values of the EBP register. Most compilers assume that the EBP register will not be destroyed by the calling process. Second, we have established a stack framework, working to copy ESP to the EBP register, and we have done this for the process. Third, we create space for local variables, which are allocated on the stack. Now the stack should look like this:

????
Local var n	<-	ESP
Local var 1
Saved EBP	<-	EBP
EIP (return value)
Argument 1
????

Access parameters and local variables

To access parameters, you can use the following command anywhere in the process:

MoV eax, [EBP + 8]; read argument one into eax register

To access local variables, run the following command:

MoV eax, [EBP-4]; read first local variable

Exit

The typical exit section looks like the following:

MoV ESP, EBP; restore Stack pointer

Pop EBP; restore base pointer

RET 4; Return

To exit a process, you first need to recover esp. the restoration process is to set it to be the same as the EBP value. Then, the EBP is restored to the way it was called during this process. The value was pushed into the stack earlier. The last command is ret, and the analysis of RET command is as follows:

EIP <-pop (); reset our instruction pointer

ESP <-ESP + count; fixup stack for arguments