Just one point, a function would never use a push instruction before returning. Not only is that against ANSI/C standards, but it would be chaotic at the assembler level. When a function is called (using the call instruction), the processor (behind the scenes) pushes the contents of the IP register to the stack so it'll know where to return to later. When it returns, it goes to the last address on the stack. When you push eax just before returning, it'll try to go to the address pointed to in eax, written in Intel syntax as [eax]. In protected mode, since it most likely points outside the program's code range, you'll probably get a segfault. Even if it's within the code range, it probably won't land exactly at the beginning of an instruction (since most instructions are more than 1 byte) and will likely get an illegal instruction error. If you happen to be running in real-mode, then God have mercy on your computer. In case you want proof, write a simple assembler function that puts 0 in eax, pushes it, and returns and call that function from another C/C++ function. It'll segfault every time it gets to that point.
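A small model of the call/ret behaviour described in the comment above, added here as a teaching example (it is not the poster's code and not real x86 execution). It assembles a handful of instructions at a constructed load address of 0x1000 with x86-like encoded lengths, treats `call` as pushing the return address and `ret` as popping the top of the stack into the instruction pointer, and reports the two outcomes the comment mentions: a jump outside the code range (modelled as a segfault) and a jump into the middle of a multi-byte instruction (modelled as an illegal instruction). The load address, instruction lengths and sample programs are all assumptions made for the demonstration.

```python
"""Toy stack-machine model of CALL/RET to show why a push just before ret
diverts control. Constructed teaching example; the load address and the
instruction lengths below are assumptions, not a real encoding."""

BASE = 0x1000  # constructed load address; addresses below BASE are "unmapped"

# Assumed encoded lengths (bytes) for the few opcodes modelled
LENGTHS = {"mov": 5, "push": 1, "call": 5, "ret": 1, "hlt": 1}


def assemble(listing, base=BASE):
    """listing: list of (label_or_None, (op, *args)).
    Returns (addr -> instr, label -> addr, end_of_code)."""
    labels, addr = {}, base
    for label, instr in listing:          # first pass: resolve labels
        if label:
            labels[label] = addr
        addr += LENGTHS[instr[0]]
    mem, addr = {}, base
    for _, instr in listing:              # second pass: place instructions
        mem[addr] = instr
        addr += LENGTHS[instr[0]]
    return mem, labels, addr


def run(listing, max_steps=50):
    """Execute a listing. Returns (outcome, final_ip, trace_of_opcodes)."""
    mem, labels, end = assemble(listing)
    ip, stack, regs, trace = BASE, [], {"eax": 0}, []
    for _ in range(max_steps):
        if not BASE <= ip < end:          # control left the code range
            return ("segfault", ip, trace)
        if ip not in mem:                 # inside the range, but mid-instruction
            return ("illegal instruction", ip, trace)
        op, *args = mem[ip]
        trace.append(op)
        if op == "mov":                   # mov reg, imm
            regs[args[0]] = args[1]
            ip += LENGTHS[op]
        elif op == "push":                # push reg
            stack.append(regs[args[0]])
            ip += LENGTHS[op]
        elif op == "call":                # hardware pushes the return address
            stack.append(ip + LENGTHS[op])
            ip = labels[args[0]]
        elif op == "ret":                 # pops whatever is on top, no questions asked
            if not stack:
                return ("segfault", ip, trace)
            ip = stack.pop()
        elif op == "hlt":
            return ("halt", ip, trace)
    return ("step limit", ip, trace)


# Constructed sample programs: main calls f, f sets eax and returns.
GOOD = [
    ("main", ("call", "f")),
    (None, ("hlt",)),
    ("f", ("mov", "eax", 0)),
    (None, ("ret",)),
]

# Same, but f pushes eax (=0) just before ret: ret now "returns" to address 0.
BAD_PUSH = [
    ("main", ("call", "f")),
    (None, ("hlt",)),
    ("f", ("mov", "eax", 0)),
    (None, ("push", "eax")),
    (None, ("ret",)),
]

# Pushed value lands inside the code range but in the middle of the 5-byte call.
MISALIGNED = [
    ("main", ("call", "f")),
    (None, ("hlt",)),
    ("f", ("mov", "eax", BASE + 2)),
    (None, ("push", "eax")),
    (None, ("ret",)),
]

if __name__ == "__main__":
    for name, prog in (("GOOD", GOOD), ("BAD_PUSH", BAD_PUSH), ("MISALIGNED", MISALIGNED)):
        outcome, ip, trace = run(prog)
        print(f"{name:10s} -> {outcome} at {ip:#06x}, executed {trace}")
```

The model only checks two things on every `ret`: whether the popped value lies inside the loaded code and whether it lands on an instruction boundary. That is exactly the pair of failures the comment predicts for a stray push, and it makes clear that the CPU does not distinguish a return address from any other value that happens to be on top of the stack.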