- Forum
- General C++ Programming
- Help in understanding assembly
Help in understanding assembly
Hi guys,
So I'm following along with the famous or rather infamous depending on how you look at it "Smashing the stack for fun and profit". My assembly expertise is minimal at best. I'm having trouble reading the assembly in the example and need some clarification on a number of aspects in regards to the assembly.
link to the article I'm reading - http://phrack.org/issues/49/14.html
so here is the snippet in question - https://ibb.co/m5Psk1L
What I need help understanding is: at 0x80004a3 we make a function call to the function suitably enough named function, so I'm assuming we then jump to the address 0x8000470 where the function "function" is located, it doesn't show the assembly for the function "function" because we are just looking at the disassembled main function would I be correct in assuming this?
Next we need to know where to return to, the instruction pointer+1 will be 0x80004a8 thus this will be our return address(pushed on the stack as the return address in the function "functions" stack frame) correct?
so we want to skip the assignment x = 1 which will be at 0x80004ab, but how exactly do we do this? Here is my guess:
here is the code
the return address ret will be address of start of buffer + 12 bytes,
the next line kind of confuses me though as we are first referencing ret and then doing +=8?? but shouldn't we not dereference the pointer as by doing *ret += 8, aren't we just adding 8 to the value of ret holds? and not incrementing ret by 8?
and since ret is an int(4 bytes)and not a char(1 byte) wouldn't we not be incrementing ret 4 * 8 instead of 8 * 1?
I diverged a little, as I was saying what I think is happening, ret will be address of start of buffer + 12 bytes, we then increment that address by 8 bytes to jump to 0x80004b2 and effectively skip 0x80004ab. Well that's my guess.
I think this has turned into more of a confirmation rather than a question but I would like someone to confirm.
And now to an actual question, I have 3 circles around the assembly, green,red and yellow. The red is pretty self explanatory it's just the operation, the red and green is a little bit more murky to me. The yellow is the operand for example @0x8000491 move the value of the stack pointer into the value of the base pointer but the green circle, what are the memory addresses in this section? are they the actual memory addresses of the operations?
Thanks!!!
So I'm following along with the famous or rather infamous depending on how you look at it "Smashing the stack for fun and profit". My assembly expertise is minimal at best. I'm having trouble reading the assembly in the example and need some clarification on a number of aspects in regards to the assembly.
link to the article I'm reading - http://phrack.org/issues/49/14.html
so here is the snippet in question - https://ibb.co/m5Psk1L
What I need help understanding is: at 0x80004a3 we make a function call to the function suitably enough named function, so I'm assuming we then jump to the address 0x8000470 where the function "function" is located, it doesn't show the assembly for the function "function" because we are just looking at the disassembled main function would I be correct in assuming this?
Next we need to know where to return to, the instruction pointer+1 will be 0x80004a8 thus this will be our return address(pushed on the stack as the return address in the function "functions" stack frame) correct?
so we want to skip the assignment x = 1 which will be at 0x80004ab, but how exactly do we do this? Here is my guess:
here is the code
|
|
the return address ret will be address of start of buffer + 12 bytes,
the next line kind of confuses me though as we are first referencing ret and then doing +=8?? but shouldn't we not dereference the pointer as by doing *ret += 8, aren't we just adding 8 to the value of ret holds? and not incrementing ret by 8?
and since ret is an int(4 bytes)and not a char(1 byte) wouldn't we not be incrementing ret 4 * 8 instead of 8 * 1?
I diverged a little, as I was saying what I think is happening, ret will be address of start of buffer + 12 bytes, we then increment that address by 8 bytes to jump to 0x80004b2 and effectively skip 0x80004ab. Well that's my guess.
I think this has turned into more of a confirmation rather than a question but I would like someone to confirm.
And now to an actual question, I have 3 circles around the assembly, green,red and yellow. The red is pretty self explanatory it's just the operation, the red and green is a little bit more murky to me. The yellow is the operand for example @0x8000491 move the value of the stack pointer into the value of the base pointer but the green circle, what are the memory addresses in this section? are they the actual memory addresses of the operations?
Thanks!!!
Last edited on
| it doesn't show the assembly for the function "function" because we are just looking at the disassembled main function would I be correct in assuming this? |
| Next we need to know where to return to, the instruction pointer+1 will be 0x80004a8 thus this will be our return address(pushed on the stack as the return address in the function "functions" stack frame) correct? |
| the return address ret will be address of start of buffer + 12 bytes, |
[/quote]the next line kind of confuses me though as we are first referencing ret and then doing +=8??[/quote]It increments by 8 the int value stored at memory location ret.
In other words,
|
|
| but the green circle, what are the memory addresses in this section? are they the actual memory addresses of the operations? |
Topic archived. No new replies allowed.