Parameters and Ret, How to read parameters and then allow Ret to execute correctly

Track this topic | Email this topic | Print this topic

kamil

Active Member

Group: Members
Posts: 44
Member No.: 46261
Joined: 16-September 11

Good day
I see that parameters are Pushed.
But then Call also Pushes the return / next instruction address to the stack
Since one has to Pop the return address out of the stack in order to Pop the parameters how does one read parameters and ensure that the Ret executes correctly?

Regards
Kamil


shoorick
Extremely Active Member Group: Admins Posts: 2301 Member No.: 160 Joined: 22-June 04	the values in stack are accessible with pointing relating to stack pointer on procedure enter - ebp (enchanced base pointer) register is pushed to stack and esp (enchansed stack pointer) value copied to ebp, ebp value usually is not altered until procedure exits and used to access to stack parameters and local variables, eg.: mov eax,[hWnd] in certain case can be equal to: mov eax,[ebp + 8] etc.


kamil
Active Member Group: Members Posts: 44 Member No.: 46261 Joined: 16-September 11	Hello, Shoorick i think we misunderstood each other Here is a pseudo code ; calling procedure push Parm1 ; a parameter is pushed call Proc1 ; call pushes Instruction Pointer onto ; stack and loads Instruction Pointer with the address of Proc1. ; Now the stack has on top the return address ; and a parameter below it ; Here is what i would do in the called procedure .data RetAddress dword ? Parm1 dword ? .code pop RetAddress ; saving the return address pop Parm1 ; read a parameter ; some code push RetAddress ; push the return address back to stack ret ; Transfers control from a procedure back to the instruction address ; saved on the stack. That's my take My question is , what's the common practice of returning from a called with parameters procedure? Kamil

shoorick

Extremely Active Member

Group: Admins
Posts: 2301
Member No.: 160
Joined: 22-June 04

there are many ways to call procedure with parameters and return, they are described in "calling conventions" (look web for details).

most common under win32 is "stdcall":

CODE

... ; -- <- stack
push 25 ; 25
call my_proc ; 25
mov ecx,eax; --, ecx = 50
...

my_proc: ; adr 25 <- stack
push ebp ; {ebp} adr 25
mov ebp,esp; {ebp} adr 25 <-- now ebp points to {ebp}
mov eax,[ebp+8]; [ebp]->{ebp},[ebp+4]->adr, [ebp+8]->25 (=param)
add eax,eax; eax=25+25=50
mov esp,ebp; esp restored as at start of proc
pop ebp; ebp restored, stack: adr 25
ret 4; return: pops adr from stack and removes 4 bytes from stack

when you use "proc" macro, it adds some high level-like work:

CODE

... ; -- <- stack
;push 25 ; 25
;call my_proc ; 25
invoke my_proc,25; do same as code above
mov ecx,eax; --, ecx = 50
...

proc my_proc,x_param
;push ebp ; \
;mov ebp,esp; -- this code added automatically by "proc" keyword

mov eax,[x_param]; "x_param" is automatically replaced with "ebp+8"
;mov eax,[ebp+8]

add eax,eax

ret
;mov esp,ebp; \
;pop ebp; >-- this all automatically replaced with "ret" inside "proc"
;ret 4; /

endp

finally, instead of "mov esp,ebp/pop ebp" the "leave" command is using, which does the same. the manner of such parameters transfer through stack is calling "procedure frame".

slightly similar is creating local variables for procedure in stack, which are as temporal, as parameters.


kamil
Active Member Group: Members Posts: 44 Member No.: 46261 Joined: 16-September 11	Thank you. I found something new to me in your reply Procedures are just blocks of code between an identifier and a ret instruction. call my_proc ------- my_proc: ; identifier like a label or a var. name push ebp mov ebp,esp mov eax,[ebp+8] ; reading a parameter ; some code mov esp,ebp; esp restored as at start of proc pop ebp; ebp restored ret 4; return: pops return address from stack and removes 4 bytes from stack regards Kamil

0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)

0 Members:

« Next Oldest | Newbies | Next Newest »

Pages (2) [1] 2