esp3

Disassembly-flavor Intel//sets the assembly to Intel style;Disassemble main//disassembly main function;Main function:1. Push EBP2. MVO EBP, Esp3. and ESP, 0xfffffff04. Sub ESP, 0x105. CMP DWORD PTR [ebp+0x8], 0x16. Jle 0x804841d And then look at overflow's disassembly code, command: Disassemble overflowOverflow function:1. Push EBP2. mov ebp, esp3. Sub ESP, 0x284. MOV eax, DWORD ptr[ebp+0x8]5. mov DWORD

refers to the memory to get the value, as an EIP, and then jump to the EIP stored in the address to continue execution.In this case the stackFigure 5Here, the function ExG has returned and its return value is stored in the EAX register, which is the return value ofReturn to function exf1 ... 2 addl $4,%ESP3leave4 retThe program proceeds from the above instructions,Addl $4,%ESP recycle stack space, stack space shrinks by 4 bytes,Leave, equivalent to the following two instructionsMOVL%EBP,%es

automatically completed by the system. However, in the process of completion, the system will use the following three registers: 1. eip2.esp3. The role of EBP when the fun function is called. 1. The EIP register stores the address of the instruction that the CPU will execute next time. That is, after calling the fun function, let the CPU know that the printf ("function call ends") Statement in the main function should be executed. 2. The EBP register

parameters from right to left (1st ~ 6 rows ); Step 2: Call the call command to redirect (line 1 ). These two steps have profound meanings. They indicate that the default calling method of C/C ++ is based on the caller's management parameter operation in the stack, and the order of the incoming stack is from right to left, this call method is called _ cdecl. The Inbound direction of the x86 system is from high address to low address, so the 1st to N parameters are placed in the stack with incre

. Conditional delivery Instructions (reference 20135202 Shang blog) The most common way to translate conditional expressions and statements from C to machine languages is to combine conditional and unconditional jumps. Assembly structure of the If-else Generic form template if (test-expr) Then-statement Else Else-statement (Note: test-expr integer expression [false/true]) Assembly Implementation Form t = test-expr; if (!t) Goto fals

General Register % eax for external use.2. Point % ESP to the position where the function starts execution, that is, movl % EBP, % ESP3. Before the function returns ret, restore EBX, that is, popl % EBP. Movl % EBP, % ESPPopl % EBPRET As can be seen from the above, when % ESP points to the position where the function starts to execute, the local variable is meaningless (because at this timeThe stack address that ESP points to is higher than the a

pushes of ebpmov ebp and esp3) to save local variables in the stack when this function is called. Method: reduce esp by a number, which means it is pushed into a bunch of variables. To recover the esp, you only need to restore it to the data saved in the ebp. 4) Save ebx, esi, and edi to the stack. After the function is called, it is restored. The corresponding code is as follows: Move esp down to a range, which is equal to releasing a new space in t

First write a small program: void fun (void) {printf ("Hello World");} void main (void) {fun () printf ("function call ends ");} this is an example of a simple function call. When a program calls a function, we often say that the function is first pushed to the stack. When the function call is completed, the stack is released. All these tasks are automatically completed by the system. However, in the process of completion, the system will use the following three registers: 1. eip2.

--bootloader-id specific to GRUB UEFI. --efi-directory Specifies the mountpoint of the ESP3, Configuration Grub.cfgGrub-mkconfig-o/boot/grub/grub.cfgFor more information about GRUB, see Https://wiki.archlinux.org/index.php/GRUB#Generate_the_main_configuration_fileHttps://wiki.archlinux.org/index.php/EFISTUBHttps://wiki.archlinux.org/index.php/Arch_boot_process--Add, when we give the hard disk first partition, we will find that the 34th sector began,

How does a function in memory go through a series of process calls? Pointer Register ESP,EBP1. First figure out the two very important pointer register ESP,EBP in the function call. Some understanding of these two registers:The ESP is a stack pointer, which is used to point to the stack topEBP is the frame pointer, which points to the stack bottom of the stack. function Stack Frame2. The function calls the process needs to open up the space, uses in this function's call the temporary variable pr