flat assembler
Message board for the users of flat assembler.

Index > Main > where this mem alloc is freed?

Author
Thread Post new topic Reply to topic
Teehee



Joined: 05 Aug 2009
Posts: 570
Location: Brazil
Teehee 01 Jun 2011, 14:05
You can see at the code below a push ecx used like a sub esp,4, but where it is freed?
(no fasm syntax, sorry)
Code:
   tv64 = -4
 _argc$ = 8
 _argv$ = 12
 _main  PROC NEAR
        push   ebp
        mov    ebp, esp
        push   ecx            ; ### here!!! #######################

        mov    eax, DWORD PTR _argc$[ebp]
        mov    DWORD PTR tv64[ebp], eax
        mov    ecx, DWORD PTR tv64[ebp]
        sub    ecx, 1
        mov    DWORD PTR tv64[ebp], ecx
        cmp    DWORD PTR tv64[ebp], 3
        ja     SHORT $L810
        mov    edx, DWORD PTR tv64[ebp]
        jmp    DWORD PTR $L818[edx*4]
 $L806:
        push   1
        call   _MyFunction
        add    esp, 4
        jmp    SHORT $L803
 $L807:
        push   2
        call   _MyFunction
        add    esp, 4
        jmp     SHORT $L803
 $L808:
        push   3
        call   _MyFunction
        add    esp, 4
        jmp    SHORT $L803
 $L809:
        push   4
        call   _MyFunction
        add    esp, 4
        jmp    SHORT $L803
 $L810:
        push   5
        call   _MyFunction
        add    esp, 4
 $L803:
        xor    eax, eax

        mov    esp, ebp
        pop    ebp
        ret    0
 $L818:
        DD     $L806
        DD     $L807
        DD     $L808
        DD     $L809
 _main  ENDP    


i didn't find an extra pop or add esp,4.

_________________
Sorry if bad english.
Post 01 Jun 2011, 14:05
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4334
Location: Now
edfed 01 Jun 2011, 14:23
i found exactlly 5 add esp,4 in this code.

apparentlly, ebp is the frame pointer, push ecx is a variable creation, and this variable is used a lot in your code. its name is tv64.

Code:
tv64 equ ebp-4
argc equ ebp+8
argv equ ebp+12
mov    eax,[argc] ;
        mov    [tv64], eax
        mov    ecx,[tv64]
        sub    ecx, 1
        mov    [tv64], ecx
        cmp    [tv64], 3
        ja     .5
        mov    edx, [tv64] 
    
Post 01 Jun 2011, 14:23
View user's profile Send private message Visit poster's website Reply with quote
Teehee



Joined: 05 Aug 2009
Posts: 570
Location: Brazil
Teehee 01 Jun 2011, 14:36
edfed wrote:
i found exactlly 5 add esp,4 in this code.

But they are freeing the param of each call function (Calling Convention cdecl i think) and not the push ecx.

_________________
Sorry if bad english.
Post 01 Jun 2011, 14:36
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4334
Location: Now
edfed 01 Jun 2011, 14:43
i see mov esp,ebp
Code:
$L803:
        xor    eax, eax

        mov    esp, ebp ;;;;;;;;;;;;;;;;;; here
        pop    ebp
        ret    0 
    


it is exactlly what you seek.
Post 01 Jun 2011, 14:43
View user's profile Send private message Visit poster's website Reply with quote
Teehee



Joined: 05 Aug 2009
Posts: 570
Location: Brazil
Teehee 01 Jun 2011, 14:50
i dont got it Sad

it seems "pop ebp" is popping "push ecx", so "push ebp" is trashed.

I think its bc in a main function there is no need to free the stack when returning back to the system control.
Post 01 Jun 2011, 14:50
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4334
Location: Now
edfed 01 Jun 2011, 15:03
edfed wrote:
i see mov esp,ebp
Code:
        push   ebp
        mov    ebp, esp; ### here!!! #######################
        push   ecx            
$L803:
        xor    eax, eax

        mov    esp, ebp ;#######################here#######################
        pop    ebp
        ret    0 
    


it is exactlly what you seek.
Post 01 Jun 2011, 15:03
View user's profile Send private message Visit poster's website Reply with quote
Teehee



Joined: 05 Aug 2009
Posts: 570
Location: Brazil
Teehee 01 Jun 2011, 15:17
ohhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh hahahaha sorry Razz im a lil bit slow Laughing
Post 01 Jun 2011, 15:17
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 01 Jun 2011, 18:45
Teehee: best solution is to walk over the code yourself in debugger, and watch ESP value
Post 01 Jun 2011, 18:45
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.