Re: sub esp, 0ch question

"Scherbina Vladimir" <vladimir.scherbina@xxxxxxxxxxxx> wrote in message news:Oahb$%234kGHA.4212@xxxxxxxxxxxxxxxxxxxxxxx
#include <stdio.h>

int main (int argc, char *argv[])
{
00411A10 55 push ebp

store ebp in stack (because ebp will be used by the caller - later it
should be restored)

00411A11 8B EC mov ebp,esp

treat ebp as esp (we need it for getting params from stack. esp cannot be
used because it's changing)

00411A13 81 EC C0 00 00 00 sub esp,0C0h

reserve space for data in stack

00411A19 53 push ebx
00411A1A 56 push esi
00411A1B 57 push edi

storing registers ebx, esi, edi

00411A1C 8D BD 40 FF FF FF lea edi,[ebp-0C0h]

load variable reserved in stack to edi

00411A22 B9 30 00 00 00 mov ecx,30h
00411A27 B8 CC CC CC CC mov eax,0CCCCCCCCh
00411A2C F3 AB rep stos dword ptr [edi]

storing 0CCCCCCCCh value to edi (the length of edi is 30h)
========================================================
What is the purpose of the above 3 lines?
Thanks
Jack

printf ("Trial\n");
00411A2E 68 1C 40 42 00 push offset string "Trial\n" (42401Ch)
00411A33 E8 4B FA FF FF call @ILT?(_printf) (411483h)

calling printf function
00411A38 83 C4 04 add esp,4

adding 4 bytes to esp (cdecl convention)

return 0;
00411A3B 33 C0 xor eax,eax
}

returning zero


Would anyone not mind explaining the assembly code for me? (line-by-line)
Thanks
Jack


the function has a bug. I don't see here restoring ebp and ebx, edi, esi:
at the end - before xor eax, eax should be:

pop edi
pop esi
pop ebx
pop ebp

--
Vladimir
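
The three instructions Jack asks about (mov ecx,30h / mov eax,0CCCCCCCCh / rep stos), modelled in C as an added example that is not part of the original thread: 0x30 dwords of 4 bytes each cover exactly the 0xC0 bytes reserved by sub esp,0C0h, so the whole local area starts out holding a fill pattern that makes never-assigned locals easy to spot in a debugger. The frame array, the helper names and the single written local are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FRAME_BYTES 0xC0u         /* sub esp,0C0h        */
#define FILL_COUNT  0x30u         /* mov ecx,30h         */
#define FILL_DWORD  0xCCCCCCCCu   /* mov eax,0CCCCCCCCh  */

/* Models "rep stos dword ptr [edi]": store eax at [edi] ecx times,
   advancing edi by 4 each time. Returns the number of bytes written. */
static size_t rep_stos_dword(uint32_t *edi, uint32_t eax, uint32_t ecx)
{
    size_t written = 0;
    while (ecx-- > 0) {
        *edi++ = eax;
        written += sizeof(uint32_t);
    }
    return written;
}

/* Counts dwords that still hold the fill pattern, i.e. slots in the
   local area that nothing has written since the prologue ran. */
static size_t count_untouched(const uint32_t *frame, size_t dwords)
{
    size_t n = 0;
    for (size_t i = 0; i < dwords; i++)
        if (frame[i] == FILL_DWORD)
            n++;
    return n;
}

/* Fills a model frame as the prologue does, writes one hypothetical
   local, and returns how many dwords are still untouched. */
static size_t demo_untouched_after_one_write(void)
{
    uint32_t frame[FRAME_BYTES / 4];   /* stands in for [ebp-0C0h, ebp) */
    rep_stos_dword(frame, FILL_DWORD, FILL_COUNT);
    frame[5] = 42;                     /* hypothetical initialised local */
    return count_untouched(frame, FRAME_BYTES / 4);
}

int main(void)
{
    uint32_t frame[FRAME_BYTES / 4];
    size_t written = rep_stos_dword(frame, FILL_DWORD, FILL_COUNT);
    printf("filled %zu of %u bytes, %zu dwords untouched after one write\n",
           written, FRAME_BYTES, demo_untouched_after_one_write());
    return 0;
}
```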