Local Variables

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14
Video Transcription
00:00
Hello. This is Dr Miller, and this is Episode 7.1 of Assembly.
00:05
Today we're gonna talk about local variables,
00:09
so local variables are variables that are used inside of a function, and then the value disappears. Or at least it's not accessible when the function is finished.
00:18
Actually, by definition, the value is still on the stack,
00:21
but it is not accessible, and we can't use it.
00:25
So here's an example with several different local variables. So, for example, inside of its function Fu, we have the local variable some and the local variable I
00:36
while in the main function we have a local variable called Why, in a local variable called X,
00:42
these are gonna you be used inside of the functions. And so programmers will often use them when they're programming programming in a high level language.
00:51
Now that's going to get lost. Those names will be lost, but we'll be able to see it when we reverse engineer or look at,
00:58
ah, high level language that gets compiled down, and that'll give us a good example of how we're going to be able to use them.
01:04
So local variables used the e BP register and then the first variable is that CBP minus four
01:11
and so e v p points to the old value of V B P. So if we go down, E v p minus four is gonna be our first local variable, and then our second role, be it eight and then 12 16 multiples of four.
01:26
So if you're going to allocate them, you can say sub BSP where e s P will point tvp
01:33
and then X. If you have x number of local variables, you take X times four. Now give you them out. So, for example, if you have 10 variables,
01:42
then you'd say sub e b E s p
01:46
four times 10. We should be 40
01:48
or if you just have one, you just subtract for
01:51
and so that's how you're going to do it inside of our program.
01:56
Here's another example. So if we have a local variable weaken increment that
02:00
now we can't increment it directly in memory and so we have to copy the value from the local variable CBP minus four into a register se X
02:10
and then increment that and then save that value back onto the stack. And so that's the equivalent of like a high level language
02:19
like C or C plus plus or java to the single command X plus. Plus so just to increment a variable that we have.
02:28
So here's a couple examples. If I have X equals zero y equals one and Z equals two in the high level language of C.
02:35
If I get that into assembly, I have three variables.
02:38
Times four gives me 12. So I need to subtract 12.
02:43
And then I could move zero into X one in the UAE and two and Dizzy.
02:47
And so we have the notion of thinking of them as just offsets. And so X is offset for minus for Why is minus eight and Z is minus 12?
02:58
And then, since we did a subtract, we have to do an ad at the end to correct our stack.
03:05
Now here we take the same thing, and we're gonna do X is equal to y plus Z.
03:09
And so we said our initial values here at the beginning we still subtract 12
03:15
but then we might want to move in to yea X
03:19
X and then into Pboc's why, and then add those to the two together and then store them a Z.
03:25
I may have done the little backwards, so them in excess, we load
03:30
y and Z and then store them back in X
03:34
so we can see how we can manipulate something that is in a local variable.
03:38
And we just have to be able to do our operations on that locally, inside of a register, and then we can save it back onto the stack.
03:46
And that's where our local variables will live.
03:52
So the example program that we gave earlier where we can compile that with GCC minus M 32 so that it has 32 bit
04:00
and the name of our file was test dot c. In my example, you can call it whatever you want.
04:04
Um and then if you don't give it out, profile it by default creates a doubt on Lennox.
04:12
And so then we can do a object dump, which will show us the assembly version of that, and we'll look at that here in a little bit.
04:19
So,
04:21
for example, if we have our function called Fu, if we look at a disassembly of that,
04:27
we will see that we got zero going to the end of our
04:30
80 going into a bar. Four. It's hard to tell because both some starts at zero and I start to zero.
04:39
But if we look inside of here, we'll see that we're adding to bar for one each time,
04:45
whereas the some looks like it's going into Bar eight. So we're loading the value of
04:51
I and then adding it to what's in Hvar eight.
04:56
And then you can see at the bottom. Here we see movie a X e B P plus var eight. And so that's going to copy the value some into yea X, which is the return register. And then we're seeing our return at the end
05:11
and so we can see that there will be a clear,
05:14
um,
05:15
definition of what gets produced in here based on the source code. And so there's a mapping that goes from source code to assembly. But as you can see, I gave that nice names in here like some and I and those all got lost. And so all we ended up with is a variable name.
05:39
So today we discussed local variables,
05:42
and in the future, we're going to give a local variable example. So we'll start off and will build on entire program.
05:47
And we'll basically implement from scratch using local variables.
05:51
And then, in a future lecture will talk about the intern. Leave instructions.
05:58
So the quiz. The question is, what is the offset of the third parameter
06:01
that we can use or local variable?
06:04
And that is zero XY,
06:08
and it's actually negatives. Iraq. See
06:11
right, because we're going below the stack.
06:14
So if you have questions, you can contact me at Miller MJ at you and Kate I e. To you and on Twitter at Milhouse 30.
Up Next
Assembly

This Assembly language course will provide background and information related to programming in Assembly: the lowest level programming language which is useful in reverse engineering and malware analysis.

Instructed By