
Stack Pushed Out of Order, Help Understanding these Results?

c assembly stack

This topic has been archived. This means that you cannot reply to this topic.
4 replies to this topic

#1 Pally

Pally

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 413 posts

Posted 27 February 2013 - 09:05 AM

I would really appreciate this insight into why my code pushed variables onto the stack out of order.. it did what no textbook example says it should typically do. (and not simply in reverse order, I'm not looking at it backwards.. it is actually out of order).

 

Here is my C code,

 

void test_function(int a, int b, int c, int d) {   
   int flag;
   int flag2 = 7;
   char buffer[10];
   flag = 5;
   flag = d;
   buffer[0] = 'A';
}


int main() {
   int x = 9;
   test_function(1, 2, 3, 4);
}
 

When I disassemble and (after a few instructions and loading the variables with their data) evaluate the stack, look what happens. Here is the stack; notice I bolded 'A' or 0x41 that was loaded in the buffer, then notice the variables I underlined.

 

The point is: the char buffer[] was pushed onto the stack first, before the other variables (flag and flag2). Usual textbook examples show it should all be in order, thus in theory the push order should have been flag, flag2, then buffer.

 

However the stack below shows that buffer was pushed first.. then flag, finally flag2

 

esp and ebp while inside the test_function()

esp            0xbffff840

ebp            0xbffff868
 

0xbffff840:    0xbffffa9a    0x0000002f    0x00000007    0x00000004
0xbffff850:    0x084184a0    0x08048340    0x00000000    0x0b900200
0xbffff860:    0xb7fc13e4    0x00080000    0xbffff898    0x0804849d
0xbffff870:    0x00000001    0x00000002    0x00000003    0x00000004
0xbffff880:    0xb7fed270    0x00000000    0x080484a9    0x00000009
0xbffff890:    0x080484a0    0x00000000    0x00000000    0xb7e344d3
0xbffff8a0:    0x00000001    0xbffff934    0xbffff93c    0xb7fdc858
0xbffff8b0:    0x00000000    0xbffff91c

 

My guess is that maybe the compiler decided to do some optimizations?

 

 

Thank you!


Edited by Pally, 27 February 2013 - 11:39 AM.

Your Friendly Neighborhood Pally

#2 Pally


Posted 28 February 2013 - 05:35 AM

No replies? If you've never seen anything like this before let me know, it's just very unusual; every stack I've seen prior was in order.


Your Friendly Neighborhood Pally

#3 PurityLake

PurityLake

    CC Regular

  • Member
  • PipPipPip
  • 36 posts

Posted 28 February 2013 - 05:46 PM

Your guess seems right, it may have to do with the compiler. I would assume that it is putting buffer in first due to its size. Sorry but I can't help

#4 Pally


Posted 01 March 2013 - 07:39 AM

> Your guess seems right, it may have to do with the compiler. I would assume that it is putting buffer in first due to its size. Sorry but I can't help

Thanks for the reply

 

I'm only using GCC, which is not doing this on my desktop.. I'm on my laptop and it does the above.. I guess it really doesn't matter that much, at least I was able to realize that it did it...

 

it kind of pisses me off however because now a simple buffer overflow cannot be done to hit one of the flags...

 

now I think the important lesson is that anything is possible.. what you thought was real was not! MATRIX **!


Your Friendly Neighborhood Pally

#5 PurityLake


Posted 01 March 2013 - 08:43 AM

Well, when will we ever really understand computers? We can predict behaviour really well but things can happen. Maybe if you were to rebuild your C program by deleting everything the compiler made (except for the source file) and then build and run, then disassemble it, you will get a different result. It's worth a try if you haven't already.
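An added example, not part of the thread: a small C program that decodes the first three rows of the dump in post #1 (x86-32, little-endian) and locates each local by the value stored in it. It shows buffer sitting above flag and flag2 and ending exactly where the word at ebp-0xc begins, the layout GCC's stack protector (-fstack-protector) produces by placing character arrays above scalar locals next to a guard word; that the laptop's GCC had it enabled is an assumption, the thread does not say.

```c
#include <stdint.h>
#include <stdio.h>

/* Words copied from the dump in post #1, from esp up to the return address. */
#define DUMP_BASE 0xbffff840u   /* esp inside test_function() */
#define FRAME_EBP 0xbffff868u   /* ebp inside test_function() */
static const uint32_t dump[] = {
    0xbffffa9a, 0x0000002f, 0x00000007, 0x00000004,   /* 0xbffff840 */
    0x084184a0, 0x08048340, 0x00000000, 0x0b900200,   /* 0xbffff850 */
    0xb7fc13e4, 0x00080000, 0xbffff898, 0x0804849d,   /* 0xbffff860 */
};

/* Byte stored at a stack address; each dumped word is little-endian. */
static uint8_t byte_at(uint32_t addr) {
    uint32_t off = addr - DUMP_BASE;
    return (uint8_t)(dump[off / 4] >> (8 * (off % 4)));
}

/* Word stored at a 4-byte-aligned stack address inside the dump. */
uint32_t word_at(uint32_t addr) { return dump[(addr - DUMP_BASE) / 4]; }

/* Lowest address below ebp holding the byte `value`, or 0 if absent. */
uint32_t find_byte(uint8_t value) {
    for (uint32_t a = DUMP_BASE; a < FRAME_EBP; a++)
        if (byte_at(a) == value) return a;
    return 0;
}

/* Lowest aligned address below ebp holding the word `value`, or 0. */
uint32_t find_word(uint32_t value) {
    for (uint32_t a = DUMP_BASE; a < FRAME_EBP; a += 4)
        if (word_at(a) == value) return a;
    return 0;
}

int main(void) {
    uint32_t flag2 = find_word(7);    /* int flag2 = 7;              */
    uint32_t flag  = find_word(4);    /* flag = d; and d was 4       */
    uint32_t buf   = find_byte('A');  /* buffer[0] = 'A'; (0x41)     */
    uint32_t end   = buf + 10;        /* one past char buffer[10]    */
    printf("flag2  0x%08x (ebp-0x%x)\n", (unsigned)flag2, (unsigned)(FRAME_EBP - flag2));
    printf("flag   0x%08x (ebp-0x%x)\n", (unsigned)flag, (unsigned)(FRAME_EBP - flag));
    printf("buffer 0x%08x..0x%08x\n", (unsigned)buf, (unsigned)(end - 1));
    /* Assumption: with the stack protector on, this word is the guard value. */
    printf("word above buffer at 0x%08x = 0x%08x\n", (unsigned)end, (unsigned)word_at(end));
    /* Writes past the buffer go toward higher addresses, away from the flags. */
    printf("buffer above flags: %s\n", (buf > flag && buf > flag2) ? "yes" : "no");
    return 0;
}
```

Comparing `gcc -fno-stack-protector` and `gcc -fstack-protector` builds of the original source on the same machine would confirm whether this option accounts for the desktop/laptop difference.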





