64 bit calling convention

flat assembler
Message board for the users of flat assembler.

Index > Windows > 64 bit calling convention

Author

Thread

cl0ckw0rkz14

Joined: 18 Feb 2014
Posts: 21

cl0ckw0rkz14 08 Jul 2014, 12:47

Hi,

Is it the calling function's responsibility to free the 32 bytes of 'shadow' space after the called function returns? I assumed yes because I disassembled some code from mingw and all the functions seemed to end with RET not RET 32. However, I have some programs ported from Linux that crash when I do ADD RSP, 32 after a function returns. Just wanted to rule out the possibility I've misunderstood something?

Thanks

08 Jul 2014, 12:47

tthsqe

Joined: 20 May 2009
Posts: 767

tthsqe 08 Jul 2014, 13:04

the shadow space in not necessarly only 32 bytes. If more than 4 integer arguments are passed to the function, then the shadow space is bigger. This is probably the source of your crash.

08 Jul 2014, 13:04

revolution
When all else fails, read the source

Joined: 24 Aug 2004
Posts: 19869
Location: In your JS exploiting you and your system

revolution 08 Jul 2014, 14:41

cl0ckw0rkz14 wrote:

Is it the calling function's responsibility to free the [...] 'shadow' space after the called function returns?

Yes.

08 Jul 2014, 14:41

cl0ckw0rkz14

Joined: 18 Feb 2014
Posts: 21

cl0ckw0rkz14 09 Jul 2014, 05:43

Thanks I have it working now. Smile

09 Jul 2014, 05:43

< Last Thread | Next Thread >

Forum Rules:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum