13 hours 15 minutes
Hello, This is Dr Miller, and this is Episode 14.2 of Assembly.
Today we're going to try to talk about structures, will talk about their layout and offsets
structure and layout.
So here we're giving a structure. So we have several different members afloat. F A character see an initial D
and an unsigned character array called T of size six.
And so we can see inside the code that we are setting different values of each member of the structure.
And so with the structure, the layout starts at the first declaration of the first variable, and then it rounds to the nearest even bite boundary for the next size. So for bites, it'll just put one after the other, starting at the beginning and going through
for shorts. If it's at address one, it'll round up to two for floats around up to four energies for
and then longs on a 32 bit architecture around before and on a 64 world round 28
and then doubles round 28
So those are just some examples. Different ones will, depending on the architecture will brown two different sizes.
But then, if we're on a 32 bit architecture more round to the nearest four byte boundaries. So if we have a double, it'll round to the nearest four by boundary, cause it's just 32 bits.
And if we're on a 64 bit, then it would go all the way up to possibly an eight by boundary for that structure.
So here we're gonna have an example. We're gonna use the original code that we saw. So
when we have a float that's gonna take up four bites and we can see that zero starts the beginning, we can see that we have increasing memory addresses. So 0123 and then here we have increasing memory and justice, so they go up in size.
So our float takes four bytes. And so we here we fill in the 1st 4
Now we have a character, so that's going to go with the next bite.
But then our next object is going to be an imager. And so instead of starting it here, it rounds up to the nearest four byte boundary. So energy takes up four bites. So it starts here and goes up. And the reason why they round up to this is because
it's faster to access things at even bite boundaries as opposed to odd byte boundaries. So the processor is much, much faster. If it can
do that rounding automatically
and then the last, we have a character array of size six.
So you start here. 01234 and five.
That gives us our size six.
So the offsets.
So here I took the C code, and then I did a disassembly on it, and we can see
that we have the different offsets. So I've written them here, and we can see that are offsets are starting a B p minus. And then we have a value,
so are based. Down here is a B P minus 20
and then as we can go, weaken cr different offsets. So our character is at minus one C.
We have our inner jer at minus 18 in Hex, which is 24 decimals. I wrote the decimal over here,
and then we can see that our characters we had a bite. Ah, minus 14. And then we can see this is minus 13 on his 12 minus 11 minus 10
so we can see that it picked the appropriate byte boundaries. And the reason why it doesn't just compress them willy nilly is because if you bright a program using different compilers, it has to be able to understand. Okay, where would the bite boundary be for this type of structure?
And so it always follows these different rules.
But again, if you want to understand where it's gonna go, you can go ahead and disassemble it in order to understand exactly how that structure is working if you have. If you know what it looks like in C and so then we can understand. We can see that we're moving a bite here or removing a D word here
for each one of those, and we can see that it automatically does the D word, even though we just have FF and that is automatically set by the compiler.
So today we talked about the structure layout and then offsets.
Looking forward, we'll take some example structures and look how to reverse engineer them, um, and then there how to program them if we wanted to manipulate them directly.
So here's a quiz. So given the following structure, what would the offsets be for each variable.
So here, if we have 32 bit, the character see, is going to start at zero.
L will start at four, and then D will start at eight.
And again, we're going negative. So it's going to go the opposite direction. And then let's look at 30 at 64 bit.
So for 64 bit, we got 08 and 16.
So we will round this up to the nearest eight byte boundary and then this one up to the nearest 16 because this one will take actually eight bites
so we can see the offset tier minus 20 minus 18 and minus 10.
If you have questions, you can email me Miller MJ at you and Kate I e to you. You can find me on Twitter at Milhouse 30
How to Use GDB (BSWJ)
In this part of the Breaking Stuff with Joe (BSWJ) series, Joe Perry demonstrates how ...
Certificate of Completion Offered
How to Use IDA (BSWJ)
The IDA is used throughout the IT and cybersecurity industries by exploit developers, vulnerability analysts, ...
Certificate of Completion Offered