Class 3: CSC 495/583 Topics of Software Security, X86 Assembly & Stack & Stack Frame (PowerPoint PPT Presentation)



SLIDE 1

CSC 495/583 Topics of Software Security X86 Assembly & Stack & Stack Frame

  • Dr. Si Chen (schen@wcupa.edu)

Class 3

SLIDE 2

Review

SLIDE 3

General-purpose Registers

§ The eight 32-bit general-purpose data registers are used to hold
  • operands for logical and arithmetic operations,
  • operands for address calculations, and
  • memory pointers

(Each register is 4 bytes wide.)

SLIDE 4

X86 ASM

SLIDE 5

MOV

§ Move reg/mem value to reg/mem
  – mov A, B is "Move B to A" (A = B)
  – Same data size
      mov eax, 0x1337
      mov bx, ax
      mov [esp+4], bl

SLIDE 6

More About Memory Access

§ Intel syntax: mov ebx, [esp + eax * 4]
§ AT&T syntax:  mov (%esp, %eax, 4), %ebx
§ mov BYTE [eax], 0x0f
  – You must indicate the data size: BYTE/WORD/DWORD

SLIDE 7

ADD / SUB

§ ADD / SUB
§ Normally "reg += reg" or "reg += imm"
§ Data size should be equal
  – add eax, ebx
  – sub eax, 123
  – sub eax, BL ; Illegal (32-bit destination, 8-bit source)

SLIDE 8

Jump

§ Unconditional jump: jmp
§ Conditional jump: je/jne and ja/jae/jb/jbe/jg/jge/jl/jle ...
§ Sometimes paired with "cmp A, B" -- compare these two values and set eflags
§ A conditional jump is decided by some of the eflags bits.

SLIDE 9

Jump

§ ja/jae/jb/jbe are unsigned comparisons (they read CF and ZF)
§ jg/jge/jl/jle are signed comparisons (they read SF, OF and ZF)
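As an added illustration of slides 8 and 9 (example code, not part of the original deck): a small C model of how `cmp A, B` sets CF/ZF/SF/OF on 32-bit operands and how each conditional jump reads those bits, showing that the unsigned family and the signed family disagree on the same bit pattern 0xFFFFFFFF compared with 1. The flag formulas follow the x86 definition of subtraction; the function names mirror the mnemonics and are this example's own.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Flags produced by "cmp a, b": the CPU computes a - b, discards the
 * result and keeps only these bits of eflags. */
typedef struct { bool cf, zf, sf, of; } eflags_t;

/* Model of the 32-bit compare: CF = unsigned borrow, ZF = result is zero,
 * SF = sign bit of the result, OF = signed overflow of the subtraction. */
static eflags_t cmp32(uint32_t a, uint32_t b) {
    uint32_t r = a - b;
    eflags_t f;
    f.cf = a < b;                                 /* borrow out of bit 31 */
    f.zf = (r == 0);
    f.sf = (r >> 31) & 1;
    /* overflow iff a and b have different signs and the result's sign differs from a's */
    f.of = (((a ^ b) & (a ^ r)) >> 31) & 1;
    return f;
}

/* Jump predicates exactly as the CPU evaluates them. */
static bool je (eflags_t f) { return f.zf; }
static bool jne(eflags_t f) { return !f.zf; }
/* unsigned family: CF and ZF only */
static bool ja (eflags_t f) { return !f.cf && !f.zf; }
static bool jae(eflags_t f) { return !f.cf; }
static bool jb (eflags_t f) { return f.cf; }
static bool jbe(eflags_t f) { return f.cf || f.zf; }
/* signed family: SF, OF and ZF */
static bool jg (eflags_t f) { return !f.zf && (f.sf == f.of); }
static bool jge(eflags_t f) { return f.sf == f.of; }
static bool jl (eflags_t f) { return f.sf != f.of; }
static bool jle(eflags_t f) { return f.zf || (f.sf != f.of); }

int main(void) {
    /* "cmp eax, 1" with eax = 0xFFFFFFFF: 4294967295 unsigned, -1 signed.
     * One set of flags, two different answers depending on the jump used. */
    eflags_t f = cmp32(0xFFFFFFFFu, 1);
    printf("ja taken: %d   jg taken: %d   jl taken: %d\n", ja(f), jg(f), jl(f));
    /* INT_MIN compared with 1: the subtraction overflows, so OF decides the signed result */
    f = cmp32(0x80000000u, 1);
    printf("ja taken: %d   jl taken: %d\n", ja(f), jl(f));
    return 0;
}
```

This is the mechanism behind signed/unsigned confusion in bounds checks: a length check compiled to `jg` accepts a value that the same check compiled to `ja` rejects.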

SLIDE 10

The Stack

Stack:
  • A special region of your computer's memory that stores temporary variables created by each function
  • The stack is a "LIFO" (last in, first out) data structure
  • Once a stack variable is freed, that region of memory becomes available for other stack variables.

[Figure: stack diagram labelled Bottom / Top with PUSH and POP, spanning addresses 0x12E00 to 0x13000]

Properties:
  • the stack grows and shrinks as functions push and pop local variables
  • there is no need to manage the memory yourself; variables are allocated and freed automatically
  • the stack has size limits
  • stack variables only exist while the function that created them is running

EBP—Pointer to data on the stack; ESP—Stack pointer

SLIDE 11

The Stack

Stack:
  • A special region of your computer's memory that stores temporary variables created by each function
  • The stack is a "LIFO" (last in, first out) data structure
  • Once a stack variable is freed, that region of memory becomes available for other stack variables.

SLIDE 12

Stack Frame

SLIDE 13

Stack Frame

§ A stack frame is a frame of data that gets pushed onto the stack.
§ In the case of a call stack, a stack frame would represent a function call and its argument data.

SLIDE 14

Stack Frame

SLIDE 15

https://www.slideshare.net/saumilshah/how-functions-work-7776073

SLIDE 16

https://www.slideshare.net/saumilshah/how-functions-work-7776073

SLIDE 17

https://www.slideshare.net/saumilshah/how-functions-work-7776073

SLIDE 18

https://www.slideshare.net/saumilshah/how-functions-work-7776073

SLIDE 19

https://www.slideshare.net/saumilshah/how-functions-work-7776073

SLIDE 20

Stack Frame

SLIDE 21

StackFrame.c
