Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

Video Transcription

00:01
Additionally, we have operations like call: we can call a function name. So what call does is it pushes the address of the next instruction onto the stack
00:10
and then it copies EIP to that new function location or address.
00:16
And then the reverse of that is the return. The return is going to allow us to exit a function, or return from a function.
00:24
So what that does is it pops off the return address from the stack and then moves EIP to that new address.
00:30
So we end up always having a call to a function, and then inside the function, when it's done, we'll have a return. And so that's how we can write a program with functions. Now you've done this in class. We have called a lot of different functions. So, for example, call read_int, call print_int, call print_nl.
00:48
All of those we are calling a function, and then we assume that it's going to resume
00:52
from the location that we were at before.
00:58
We also have the ability to allocate space using add and subtract.
01:03
So, for example, we can say sub esp, X and that'll subtract X bytes from ESP.
01:08
So, typically, when you enter a function, you're going to do a subtract on ESP to allocate some temporary space that we can use for local variables or buffers.
01:18
And then at the end of the function, we can add back ESP, so we'll typically add and subtract the same number of bytes.
01:26
And so this will unallocate that space. And we'll do that right before we leave a function.
01:30
And then if you ever go through and you are reverse engineering some code, you might see that when a function enters, it might do something like and esp, and then you've got a bunch of Fs and a zero,
01:42
and this is because it is trying to make sure that ESP is on an even boundary. And this is a security protection that some operating systems and some compilers implement to make it harder to attack these types of systems.

Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

Instructed By

Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor