March 18th, 2021, 01:09 PM
#1
[Resolved] Preserving ESP
Edit...
Hi. Thanks to everyone that checked. After further code testing, I discovered a typo that wasn't reflected in the original post. The issue seems to be resolved, though I'm going to leave the rest of the post in case I'm still missing something or doing things incorrectly or, if it is correct, it helps someone else.
Original Post...
Hi. It's been handy to write a simple subroutine such as...
Code:
mov dword ptr [eax+14h], 0
retn
I'm trying to do something similar with...
Code:
mov dword ptr [esp+14h], 0
retn
Yet, unlike EAX, ESP needs to be preserved.
https://en.wikipedia.org/wiki/X86_calling_conventions
I don't quite understand the mechanics.
So the way I'm hoping to implement it may just not work.
I have several subroutines with (let's call these Redundant instructions)...
Code:
mov dword ptr [esp+14h], 0
mov dword ptr [esp+18h], 0
mov dword ptr [esp+1ch], 0
mov dword ptr [esp+20h], 0
mov dword ptr [esp+24h], 0
mov dword ptr [esp+28h], 0
When I need to change 0 to another value,
I'd like to change the value via one single subroutine
(rather than manually having to change several).
I'd like to replace each instance of these instructions with a single call to a "Tests" subroutine.
That single subroutine would contain multiple tests.
The tests would determine which "Populate" subroutine to call.
Each of these "Populate" subroutines will hold a different set of values for ESP.
Example "Populate - Set 2" Subroutine...
Code:
mov dword ptr [esp+14h], 0
mov dword ptr [esp+18h], 1
mov dword ptr [esp+1ch], 0
mov dword ptr [esp+20h], 1
mov dword ptr [esp+24h], 0
mov dword ptr [esp+28h], 1
retn
I thought I had it working, yet my program will later crash.
Here's how I had it set up...
I replaced the Redundant instructions with a call to the "Tests" subroutine (nothing more).
I was hoping to do the ESP preservation in the "Tests" subroutine.
(Which may or may not be possible.)
Example "Tests" Subroutine...
Code:
push ebp
mov ebp, esp
call "Populate - Default" Subroutine
(test)
jnz 05
call "Populate - Set 2" Subroutine
(Need to add "add esp" instruction? If so, add how much? 8 and other numbers tried don't seem to help.)
mov esp, ebp
pop ebp
retn
If I understood what I've read elsewhere, each call adds 4.
So a call (Populate) within a call (Tests) adds 8?
To get it working, adding 8 seemed to work, like so...
Code:
mov dword ptr [esp+14h], 0
mov dword ptr [esp+20h], 1
mov dword ptr [esp+24h], 0
mov dword ptr [esp+28h], 1
mov dword ptr [esp+2ch], 0
mov dword ptr [esp+30h], 1
retn
Are there any minor tweaks to the "Tests" and/or "Populate" subroutines to get this to safely work (without needing to adjust the single call replacing the Redundant instructions)?
Thanks for any insights.
Last edited by Mr. Smith; March 19th, 2021 at 01:58 PM.
Reason: Resolved
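As an added illustration (not code from the post or its author): a small C model of the 32-bit x86 stack that counts the 4 bytes every PUSH and CALL subtracts from ESP, so you can compute how far an ESP-relative displacement has to move when the same mov runs inside a callee, and whether a given displacement would land on a pushed return address or saved EBP (the usual cause of a crash that only shows up later). All names are hypothetical helpers; the sequence walked is the one in the post (call "Tests", push ebp, call "Populate"), for which the model counts three 4-byte pushes.

```c
#include <stdio.h>
#include <stdint.h>

/* Model of a 32-bit x86 stack: every PUSH and every CALL lowers ESP by 4.
   All names here are hypothetical helpers written for this example. */
#define WORD 4u

typedef struct {
    uint32_t esp;      /* current ESP */
    uint32_t pushed;   /* bytes pushed since the original caller's ESP */
} frame_t;

frame_t frame_at(uint32_t caller_esp) { frame_t f = { caller_esp, 0 }; return f; }
void do_call(frame_t *f) { f->esp -= WORD; f->pushed += WORD; }  /* pushes return address */
void do_push(frame_t *f) { f->esp -= WORD; f->pushed += WORD; }  /* e.g. push ebp */

/* Displacement a callee must use so [esp+disp] hits the slot the caller
   addressed as [esp+orig_disp]. */
uint32_t adjusted_disp(const frame_t *f, uint32_t orig_disp) { return orig_disp + f->pushed; }

/* Nonzero if [esp+disp] executed in this frame lands on a word pushed since
   the caller (a return address or saved EBP) instead of on caller data. */
int clobbers_frame(const frame_t *f, uint32_t disp) { return disp < f->pushed; }

/* The path in the post: call "Tests"; push ebp; call "Populate - Set 2". */
frame_t populate_frame(uint32_t caller_esp) {
    frame_t f = frame_at(caller_esp);  /* caller's ESP = S (constructed value) */
    do_call(&f);   /* call "Tests"     -> esp = S - 4  */
    do_push(&f);   /* push ebp         -> esp = S - 8  */
    do_call(&f);   /* call "Populate"  -> esp = S - 12 */
    return f;
}

uint32_t populate_shift(void) { return populate_frame(0x1000).pushed; }
uint32_t populate_disp(uint32_t orig_disp) {
    frame_t f = populate_frame(0x1000);
    return adjusted_disp(&f, orig_disp);
}
int populate_clobbers(uint32_t disp) {
    frame_t f = populate_frame(0x1000);
    return clobbers_frame(&f, disp);
}

int main(void) {
    for (uint32_t d = 0x14; d <= 0x28; d += 4)
        printf("caller [esp+%02Xh] -> Populate must use [esp+%02Xh]\n", d, populate_disp(d));
    printf("[esp+08h] inside Populate clobbers the frame: %s\n",
           populate_clobbers(0x08) ? "yes" : "no");
    return 0;
}
```

Change the sequence in populate_frame to match whatever prologue you end up with (dropping the push ebp, for instance, makes the shift 8) and re-read the printed displacements before patching the bytes.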