Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Despite looking at textbooks trying to grasp this, I’m having trouble.
0x08048b29 <func+0>: push %ebp
0x08048b2a <func+1>: mov %esp,%ebp
0x08048b2c <func+3>: push %ebx
...
0x08048b30 <phase_2+7>: lea -0x28(%ebp),%eax
In the lea instruction, I understand that %eax gets the value at 0x28 before %ebp, but where is that exactly? Is it 0x8048b29 – 0x28 (0x28 before the beginning of the function) or what?
The ebp register is typically used within a function to access any arguments passed to the function. Before this function is called, any arguments not passed by register are pushed onto the stack. At the start of this function, the calling function’s base pointer is saved.
(1)
0x08048b29 <func+0>: push %ebpThe new top of the stack is copied into ebp to serve as the base pointer in this function.
(2)
0x08048b2a <func+1>: mov %esp,%ebpFinally, ebx is saved, which was likely a variable passed to the function in a register.
(3)
0x08048b2c <func+3>: push %ebxAfter all of this function entry code, the ebp register is pointing into the middle of the stack. Above it on the stack (toward the newest pushed items) is the ebx value that was pushed in #3 above. Below it on the stack are the old ebp from the calling function (saved in #1 above) and MOST importantly… any arguments passed to this function via the stack (done before the function was called).
(4)
lea -0x28(%ebp),%eaxThe final instruction is referring to one of those arguments passed by the stack. ebp ends up pointing into the stack, not at any of the functions code addresses. This is pretty normal for ebp, it is most often used as a pointer into the stack.