Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

Video Transcription

00:01
Oh, this is Dr Miller. And this is Episode 6.7 of Assembly.
00:06
Today we're gonna talk about function arguments,
00:09
so function arguments,
00:11
these allow us to pass parameters to a function. This allows the function to do different things based on those parameters.
00:18
And it turns out we only have a limited number of registers, and so we're gonna end up having to use the stack.
00:24
And so because of that, we're going to by default, we're going to start using anti BP based Stack. We've talked about that in previous lectures.
00:31
So we set up our function using our prologue, and then at the end, we're going to restore our function using the epilogue.
00:39
And so every time you write a function,
00:41
you should use these by default
00:46
and then recall when we set up using a prologue, right? We have a B p, which is R extended base pointer.
00:52
So the base pointer is gonna point to the old value of e v p. So that's what's on top of the stack.
00:57
And then we're gonna have our return address, and that's gonna be a T V P plus four
01:02
and then argument one is going to be a T B p plus eight and argument to a city BP plus C argument three is at a BP plus 10 hex,
01:12
and then it goes so on and so forth. So 14 18 1 C.
01:19
So, for example, right, If we want to copy the data the first parameter into a register ea X, we can use E b P plus eight
01:27
if we want to copy the second parameter. So in a Nazem, we have to put a zero if we're using a letter to start, and that's because otherwise that thinks it's a variables. We got zero C in hex.
01:40
So that's our second parameter.
01:42
So you can try and your own to figure out what is the third parameter.
01:48
So
01:49
the best way to learn this is to do an example. So we're gonna do example, while we're going to,
01:55
um, read one manager and print it, and then we'll we'll modify it so that it uses to, and then we're gonna use print F, and we're gonna print the values in Hexi Decimal.
02:10
All right, so we have our I've already created our project,
02:16
so I'll go ahead and start entering it
02:19
So the first thing that we're going to do is we're going to set up our format,
02:25
so our format is gonna have
02:29
zero X at the beginning so that we know this is a hex,
02:31
and then you can look up the print F string. So percent 08
02:37
and then in upper case X, so it's gonna print off zero leading digits. So the if we have less than eight digits, it'll print zeros.
02:46
We're gonna print up to eight digits. The X means we're gonna print in hex and the upper case X means it's gonna be uppercase.
02:53
I'm x
02:54
uppercase Hexi decimal.
02:57
And then we'll put a new line it end so that we have that at the end.
03:00
Then in our main, we'll go ahead and
03:04
read our numbers,
03:08
and we're gonna push our number onto the stack. So remember, read int.
03:14
The result is in the X, So we're gonna push that on to the top of our stack,
03:19
and our function is going to be called print Tex,
03:23
I'll do that. And then while I'm here, I'm gonna remember to correct the stack. So I push something on, so I need to pop it off. So I'll just to add yes, p
03:34
four Because I pushed on one argument.
03:37
So now will come down here into our function.
03:40
Here is a function Will do all prologue. Push BP, move!
03:46
E v P
03:50
Yes, P I'll come down here and do my epilogue while I'm remembering
03:53
movie B p e S p pop e v P
03:59
return.
04:00
So now I'm ready to do the main part of my function.
04:03
And so what I'd like to do here is I'd like to copy into E X my first parameter. So Movie X,
04:12
remember, it's an EVP based act, so the value at E v P
04:16
plus eight
04:20
I'll move that N d a x, and I'm gonna call my my printout function.
04:25
So the first argument is A formats during the second argument is the value I went to print. So I gotta push my value first, so I'm gonna push the X
04:32
and then I will move the X
04:38
format
04:40
push. X and I pushed the format.
04:43
So I've added to things on top of the stack.
04:46
I'm gonna call print F, and then I'm need to correct the stack because I've just printed off something. So add
04:53
yes, p eight Because I pushed on two things, each one of them taking up four bites.
05:00
Now, if you remember from the print F,
05:01
we have to tell it that print of is an external function.
05:06
So I have to say X turn
05:15
deaf.
05:17
Okay,
05:19
so I've access my first parameter. I have pushed that on and I'm gonna have my format. And now I'm pushing on my format,
05:27
calling print F and then correcting this deck
05:30
so
05:31
we should have everything lined up.
05:36
Alright. Complains about my clock being off, which is fine. So let's go ahead and run this.
05:43
So if I put in the number 100
05:45
it prints me off
05:46
at the zero X at the beginning, it prints off the leading digits. So I got six zeros in the front and then 100 Hexi Decimal is 64.
05:56
Or I could do something like zero x beef.
06:00
And again, it's printing in all uppercase because I did that with mine.
06:04
So let's suppose that we wanted to read in two numbers. Let's go ahead and go back in here.
06:10
So I read one number. Push it so I can do this again. Call
06:15
Creed, Aunt,
06:17
push the X
06:19
right. So now I have pushed on a second parameter. So now, instead of doing by four, I need to do by eight.
06:27
Right, Because I pushed on to things. I gotta basically pop them off or remove them. And I'm doing it using ad You could do to pops. That would be an equivalent way to do it.
06:38
So here I grab the first parameter. So now I want to grab my second parameter.
06:42
So my second parameter should be
06:46
E v P.
06:48
Plus.
06:50
See,
06:57
I'll do this little different
07:00
so I can directly push the format because it's just an address.
07:06
Call my printer function and I got to correct the stock because I pushed on two things.
07:13
Eight.
07:15
My function epilogue should be the same, right? So I haven't changed anything in that.
07:20
Okay,
07:23
now, if I run, make
07:25
and then run my programs like in Type in 100 Rex
07:30
Cafe
07:32
And so
07:33
it pushed these on in the reverse order. So Cafe is the 1st 1 that gets printed, so it's argument one and 100 is argument, too, and that's just by the way I pushed him onto the stack.
07:48
So today we talked about function arguments. We gave an example. We ran the example. We modified it so that it had more than one argument,
07:57
and we made sure that we corrected the stack every time.
08:01
So looking forward, we're gonna talk about saving registers when you modify them in a function and we'll look at some more complicated functions.
08:07
So here's our quiz. What is the first parameter of Anne BP based Deck
08:15
B Plus eight UBP plus eight?
08:20
What's the third parameter of a need? BP based Tech.
08:26
So that would be 10 hex or 16 base 10.
08:31
If you have questions, you can contact me at Miller MJ at Yoon Kato et you, and you can find me on Twitter at No House 30.

Up Next

Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

Instructed By

Instructor Profile Image
Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor