How to build stacks out of assembly code?
I am studying cybersecurity at the moment, and we learned how to build stacks out of an assembly code piece. But because of a lack of examples I am not sure about my idea of doing this.
The question is:
Assume an empty stack and that the register
raxis initially 1, all others 0. Draw the stack layout after the following code finishes, and mark wherersppoints to. Note: the stack grows top to bottom.
push rax
inc rax
push rax
lea r11, [rip]
push r11
pop rcx
xor rcx, rcx
push rcx
mov rdx, 0xffff0000
push dx
pop r10w
push r10
add rax, 40
push rax
I know how pop, push, inc etc work (besides lea I am not so sure about).
I got the following result for the stack:
2
0x00 (or 0 not so sure About this)
0x00
0x00
0x00
42
and the rsp is by the entry with 42.
I looked around but did not find any example that looks similar to my exercise. I hope that someone can tell me where I made a mistake if I did one, because for me it looks wrong.
Zycralia1 Answer
Draw the stack layout after the following code finishes, and mark where
rsppoints to.
Rather than trying to do this in your head you should write it out in detail:
code stack register changes
-------------------- ----- ----------------
push rax 1
inc rax rax=2
push rax 1
2
lea r11, [rip] r11=?
push r11 1
2
?
pop rcx 1 rcx=?
2
xor rcx, rcx rcx=0
push rcx 1
2
0
mov rdx, 0xffff0000 rdx=0xFFFF0000 -> dx=0
push dx 1
2
0
0
pop r10w 1 r10w=0 -> r10=0
2
0
push r10 1
2
0
0
add rax, 40 rax=42
push rax 1
2
0
0
42 <-- RSP points below here
lea r11, [rip] push r11 pop rcx
and
mov rdx, 0xffff0000 push dx pop r10w
have no real influence on the final stack. They did however change registers R10 and R11.
FifoernikUser contributions licensed under CC BY-SA 3.0