I noticed some strange-looking statements when I viewed some C code in Disassembly. The statements occurred just before a call to a function. So I removed all code from my program, just leaving an empty main function like this –
int _tmain(int argc, _TCHAR* argv[])
{
    return 0;
}
Yet when I looked at Disassembly the assembly statements in question were still present. So does anyone know what these statements are for?
int _tmain(int argc, _TCHAR* argv[])
{
00411350 push ebp
00411351 mov ebp,esp
00411353 sub esp,0C0h
00411359 push ebx
0041135A push esi
0041135B push edi
0041135C lea edi,[ebp-0C0h]
00411362 mov ecx,30h
00411367 mov eax,0CCCCCCCCh
0041136C rep stos dword ptr es:[edi]
return 0;
0041136E xor eax,eax
}
The statements in question are
00411362 mov ecx,30h
00411367 mov eax,0CCCCCCCCh
0041136C rep stos dword ptr es:[edi]
That code fills the stack frame with a pattern (0xcc).
‘ecx’ holds the number of words to fill, ‘eax’ is the pattern. The Intel architecture ‘rep’ opcode is “Repeat String Operation Prefix”. Most likely it is boilerplate code that would have meaning in a complete function (maybe clearing out local variables, creating deliberately bad data for uninitialized variables). Here the stack frame is destroyed immediately on exit and the code is useless. Nothing to worry about.
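As an added example (not part of the original question or answers), the C sketch below emulates the three instructions on an ordinary array: it stores the value from eax into 0x30 dwords, which is exactly the 0xC0 bytes reserved by `sub esp,0C0h`, and shows that a slot the function body never assigns still reads back as 0xCCCCCCCC. The function and struct names are hypothetical, and the array is a stand-in for the real stack frame.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FILL_PATTERN 0xCCCCCCCCu /* mov eax,0CCCCCCCCh */
#define FRAME_DWORDS 0x30u       /* mov ecx,30h        */

struct frame_report { size_t filled_bytes; size_t untouched; uint32_t unassigned_local; };

/* Emulates `rep stos dword ptr es:[edi]`: store eax at [edi], advance edi
 * by one dword, decrement ecx, repeat until ecx is 0. Returns bytes written. */
size_t rep_stos_dword(uint32_t *edi, uint32_t eax, uint32_t ecx)
{
    size_t written = 0;
    for (; ecx != 0; ecx--, written += sizeof *edi)
        *edi++ = eax;
    return written;
}

/* Counts slots that still hold the fill pattern, i.e. were never assigned. */
size_t count_untouched(const uint32_t *frame, size_t dwords)
{
    size_t n = 0;
    for (size_t i = 0; i < dwords; i++)
        n += (frame[i] == FILL_PATTERN);
    return n;
}

/* Hypothetical function body: fill the frame as the prologue does, assign
 * two "locals", then report what the frame looks like afterwards. */
struct frame_report run_frame(void)
{
    struct frame_report r;
    uint32_t frame[FRAME_DWORDS];     /* stand-in for [ebp-0C0h, ebp) */
    r.filled_bytes = rep_stos_dword(frame, FILL_PATTERN, FRAME_DWORDS);
    frame[FRAME_DWORDS - 1] = 0;      /* constructed sample values */
    frame[FRAME_DWORDS - 2] = 42;
    r.unassigned_local = frame[0];    /* never written by the body */
    r.untouched = count_untouched(frame, FRAME_DWORDS);
    return r;
}

int main(void)
{
    struct frame_report r = run_frame();
    printf("filled 0x%zX bytes, %zu dwords untouched, unassigned local 0x%08X\n",
           r.filled_bytes, r.untouched, (unsigned)r.unassigned_local);
    return 0;
}
```

A value of 0xCCCCCCCC in a local variable or pointer while debugging such a build therefore points to stack memory that was read before it was assigned.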