In this article, we will look at some x86 assembly code, analyze it, and try to reconstruct the corresponding C code. Let's start with the following x64 disassembly:
; Disassembly of main (x86-64, Intel syntax, objdump-style listing).
; The function builds two 3-byte strings "Hi\0" on the stack, compares them
; byte by byte, records the outcome in a local, and returns 0 either way.
; It is compiled with the stack protector: a guard value is copied from
; fs:0x28 into the frame on entry and re-checked before returning.
;
; Stack frame, as used by the instructions below:
;   [rbp-0x08]  qword  copy of the stack guard (canary)
;   [rbp-0x10]  bytes  second string: 'H','i',0
;   [rbp-0x20]  bytes  first string:  'H','i',0
;   [rbp-0x24]  dword  result: -1 initially, 0 on mismatch, 1 when the loop ends
;   [rbp-0x28]  dword  loop index i
; NOTE(review): the declared sizes of the two arrays are not visible here;
; only the three bytes written to each are established by the listing.
0000000000400546 <main>:
; --- prologue: frame pointer, 0x30 bytes of locals ---
400546: push rbp
400547: mov rbp,rsp
40054a: sub rsp,0x30
; --- stack protector setup ---
40054e: mov rax,QWORD PTR fs:0x28            ; load the guard value
400555: 00 00                                 ; objdump continuation: last two bytes of the 9-byte mov at 40054e, not an instruction
400557: mov QWORD PTR [rbp-0x8],rax           ; store it just below the saved rbp, above the buffers
40055b: xor eax,eax                           ; clear rax so the guard does not linger in a register
; --- initialise locals ---
40055d: mov WORD PTR [rbp-0x20],0x6948        ; little-endian 0x48 'H', 0x69 'i'
400563: mov BYTE PTR [rbp-0x1e],0x0           ; NUL terminator of the first string
400567: mov WORD PTR [rbp-0x10],0x6948        ; same two characters for the second string
40056d: mov BYTE PTR [rbp-0xe],0x0            ; NUL terminator of the second string
400571: mov DWORD PTR [rbp-0x24],0xffffffff   ; result = -1
400578: mov DWORD PTR [rbp-0x28],0x0          ; i = 0
40057f: jmp 4005ab <main+0x65>                ; enter the loop at its condition check
; --- loop body: compare first[i] with second[i] ---
400581: mov eax,DWORD PTR [rbp-0x28]
400584: cdqe                                  ; sign-extend i to 64 bits for use as an index
400586: movzx edx,BYTE PTR [rbp+rax*1-0x20]   ; dl = first[i]
40058b: mov eax,DWORD PTR [rbp-0x28]
40058e: cdqe
400590: movzx eax,BYTE PTR [rbp+rax*1-0x10]   ; al = second[i]
400595: cmp dl,al
400597: je 4005a7 <main+0x61>                 ; equal bytes: go on to the next index
; mismatch: result = 0, return value 0, leave through the guard check
400599: mov DWORD PTR [rbp-0x24],0x0
4005a0: mov eax,0x0
4005a5: jmp 4005d3 <main+0x8d>
4005a7: add DWORD PTR [rbp-0x28],0x1          ; i++
; --- loop condition: continue while first[i] != 0 && second[i] != 0 ---
; The index is bounded only by the NUL terminators; there is no length check.
4005ab: mov eax,DWORD PTR [rbp-0x28]
4005ae: cdqe
4005b0: movzx eax,BYTE PTR [rbp+rax*1-0x20]   ; al = first[i]
4005b5: test al,al
4005b7: je 4005c7 <main+0x81>                 ; first string ended
4005b9: mov eax,DWORD PTR [rbp-0x28]
4005bc: cdqe
4005be: movzx eax,BYTE PTR [rbp+rax*1-0x10]   ; al = second[i]
4005c3: test al,al
4005c5: jne 400581 <main+0x3b>                ; both bytes non-zero: run the body again
; Loop ended without a mismatch: result = 1.
; The terminating bytes themselves are never compared, so this path is also
; taken when one string is a proper prefix of the other. With the two
; identical constants above that cannot happen here.
4005c7: mov DWORD PTR [rbp-0x24],0x1
4005ce: mov eax,0x0                           ; return value is 0 on this path too; result is stored but not read again
; --- stack protector check and epilogue ---
4005d3: mov rcx,QWORD PTR [rbp-0x8]           ; reload the saved guard copy
4005d7: xor rcx,QWORD PTR fs:0x28             ; zero only if it still equals the reference value
4005de: 00 00                                 ; objdump continuation: last two bytes of the xor at 4005d7
4005e0: je 4005e7 <main+0xa1>                 ; guard intact: normal return
4005e2: call 400420 <__stack_chk_fail@plt>    ; guard changed: the frame was overwritten, report the failure instead of returning
4005e7: leave
4005e8: ret
4005e9: nop DWORD PTR [rax+0x0]               ; follows ret, never executed; presumably alignment padding