Date:      Wed, 3 Mar 2004 21:55:29 +0000
From:      Daniela <dgw@liwest.at>
To:        ari <edelkind@episec.com>
Cc:        hackers@freebsd.org
Subject:   Re: Strange behaviour in assembly language program
Message-ID:  <200403032155.29618.dgw@liwest.at>
In-Reply-To: <20040303162632.GC50518@episec.com>
References:  <200403022046.22882.dgw@liwest.at> <200403022210.31451.dgw@liwest.at> <20040303162632.GC50518@episec.com>

On Wednesday 03 March 2004 16:26, ari wrote:
> dgw@liwest.at said this stuff:
> > > .text
> > > .global _start
> > > _start:
> > >         pushl   $8
> > >         pushl   $0
> > >         movl    $1, %eax
> > >         int     $0x80
> >
> > With this suggestion, it always returns 0 instead of 1.
> > Shouldn't pushl place 4 bytes on the stack? It translates into the
> > instruction 0x6A (pushes only one byte).
>
> 32-bit, 80386-based processors cannot push one byte onto the stack; they
> can push only in 2- or 4-byte increments (word or double-word).  While
> instruction 0x6a pushes an immediate one-byte value, this is only to
> save instruction space.  The number is in fact pushed as a 32-bit
> ("sign-extended") value.

Ah yes, silly me. I constantly forget the fact that when you push something on 
the stack, the stack pointer does not increment but rather decrements. That's 
quite unnatural to me. The kernel expects the first argument 4 bytes *below* 
the stack pointer, and I pushed that stuff in the wrong order.

This code works to return 0x57:   31 c0 40 6a 57 50 cd 80
But that needs 8 bytes! Can't it be shortened?
I noticed that some registers contain zero on program startup. Can I safely 
assume they are always initialized to zero and just leave that 31 c0 out?
I would need at least one byte off to have it fit nicely into the padding of 
the e_ident array, while not stepping on the program header. *g*
(I've become fed up with software bloat)
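
The two points made in this exchange, that opcode 0x6a is a 2-byte encoding that still pushes a full sign-extended 32-bit value, and that FreeBSD/i386 reads the first system-call argument at 4(%esp), can be checked without an i386 box. The following is an added example, not code from the thread: a tiny interpreter for just the opcodes that appear in the messages above (xorl/incl/pushl/movl/int). It models only EAX, a small dword stack and the `int $0x80` trap, and it assumes the argument convention exactly as stated in the thread (first argument at 4(%esp)).

```c
/* Added example (not from the thread): a tiny interpreter for the few i386
 * opcodes discussed above.  It models EAX, a 16-dword stack and the
 * `int $0x80` trap, enough to show that
 *   1. `pushl $imm8` (opcode 0x6a) is 2 bytes of code but moves ESP by 4 and
 *      stores the sign-extended immediate as a 32-bit value;
 *   2. with the FreeBSD/i386 convention described in the thread (first
 *      argument at 4(%esp)), the 8-byte sequence 31 c0 40 6a 57 50 cd 80
 *      reaches the trap with EAX == 1 and 0x57 at 4(%esp), i.e. exit(0x57).
 * Assumptions: C99, no particular host endianness (the stack is a dword array).
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_DWORDS 16
#define STACK_BYTES  (STACK_DWORDS * 4)

typedef struct {
    uint32_t eax;
    uint32_t esp;                   /* byte offset into stack[]; grows downward */
    uint32_t stack[STACK_DWORDS];
    int      trapped;               /* set once int $0x80 has executed */
    uint32_t syscall_no;            /* EAX at the trap (1 == SYS_exit on FreeBSD) */
    uint32_t arg0;                  /* dword found at 4(%esp) at the trap */
} cpu_t;

/* The imm8 of opcode 0x6a is sign-extended to 32 bits before being pushed. */
uint32_t sign_extend8(uint8_t b) { return (uint32_t)(int32_t)(int8_t)b; }

/* Little-endian 32-bit immediate as found in the instruction stream. */
static uint32_t imm32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Every push moves ESP by 4, whatever the encoding size of the instruction. */
static int push32(cpu_t *c, uint32_t v) {
    if (c->esp < 4) return -1;      /* model stack exhausted */
    c->esp -= 4;
    c->stack[c->esp / 4] = v;
    return 0;
}

/* Reads above the initial ESP hit memory this model does not own; return 0. */
static uint32_t load32(const cpu_t *c, uint32_t off) {
    return off < STACK_BYTES ? c->stack[off / 4] : 0;
}

void cpu_reset(cpu_t *c) { memset(c, 0, sizeof *c); c->esp = STACK_BYTES; }

/* Executes code[0..len) until the end or the first int $0x80.
 * Returns the number of bytes consumed, or -1 on an unknown opcode / stack fault. */
int run_i386(const uint8_t *code, size_t len, cpu_t *c) {
    size_t ip = 0;
    while (ip < len && !c->trapped) {
        uint8_t op = code[ip];
        if (op == 0x31 && ip + 1 < len && code[ip + 1] == 0xc0) {       /* xorl %eax,%eax */
            c->eax = 0; ip += 2;
        } else if (op == 0x40) {                                         /* incl %eax */
            c->eax += 1; ip += 1;
        } else if (op == 0x50) {                                         /* pushl %eax */
            if (push32(c, c->eax)) return -1; ip += 1;
        } else if (op == 0x6a && ip + 1 < len) {                         /* pushl $imm8 */
            if (push32(c, sign_extend8(code[ip + 1]))) return -1; ip += 2;
        } else if (op == 0x68 && ip + 4 < len) {                         /* pushl $imm32 */
            if (push32(c, imm32(&code[ip + 1]))) return -1; ip += 5;
        } else if (op == 0xb8 && ip + 4 < len) {                         /* movl $imm32,%eax */
            c->eax = imm32(&code[ip + 1]); ip += 5;
        } else if (op == 0xcd && ip + 1 < len && code[ip + 1] == 0x80) { /* int $0x80 */
            c->trapped = 1;
            c->syscall_no = c->eax;
            c->arg0 = load32(c, c->esp + 4);  /* FreeBSD/i386: first arg at 4(%esp) */
            ip += 2;
        } else {
            return -1;                                                   /* not modelled */
        }
    }
    return (int)ip;
}

int main(void) {
    /* The working 8-byte sequence from the message above. */
    static const uint8_t code[] = {0x31, 0xc0, 0x40, 0x6a, 0x57, 0x50, 0xcd, 0x80};
    cpu_t c;
    cpu_reset(&c);
    int used = run_i386(code, sizeof code, &c);
    printf("consumed %d bytes, eax=%u, esp moved by %u, arg0=0x%x\n",
           used, c.eax, STACK_BYTES - c.esp, c.arg0);
    printf("pushl $0xff stores 0x%08x (sign-extended)\n", sign_extend8(0xff));
    return 0;
}
```

The `sign_extend8` helper is the whole point of the 0x6a discussion: `6a ff` occupies two bytes of code but writes 0xffffffff to the stack, which is why an imm8 push can never make the argument area smaller than four bytes. The model says nothing about which registers are zero at process start, so it cannot answer that question; it only shows what the bytes in the message do once they run.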