pretzlstyle

Reputation: 2962

Translating Assembly to C program

Here is the assembly code I'm looking at:

push   %ebp
mov    %esp, %ebp
sub    $0x18, %esp
movl   $0x804a170, 0x4(%esp)
mov    0x8(%ebp), %eax
mov    %eax, (%esp)
call   0x8048f9b <strings_not_equal>
test   %eax, %eax
je     0x8048f78 <phase_1+34>
call   0x8049198 <failed>
leave
ret

The goal is to give the function of the assembly the correct input as to jump to the function phase_1+34. So here is what I am interpreting so far:

The first two lines are setup code for the function. The first 'sub' line is allocating space by moving '%esp' downward to store arguments to call the strings_not_equal function. I think that the two arguments being passed to strings_not_equal are 0x804a170 and the input value. I assume that <strings_not_equal> will return 0 if the passed strings are equal. The je then checks to see if %eax & %eax is zero, which will only happen if %eax = 0. So basically, it seems that the input string just has to be equal to 0x804a170.

Anyone see any flaws so far?

At this point, I'm stuck, and what I have tried isn't working. 0x804a170 in decimal is 134521200. But the function this is being passed to is expecting strings. So should 0x804a170 be converted to a string, and is that string what the input should be equal to?

I dunno. If anyone sees any flaws or can give me a pointer it is very much appreciated!

Upvotes: 0

Views: 287

Answers (2)

rcgldr

Reputation: 28808

Commented the code:

        push   %ebp                     ;function name is apparently phase_1
        mov    %esp, %ebp
        sub    $0x18, %esp              ;allocate 24 bytes from stack
        movl   $0x804a170, 0x4(%esp)    ;[esp+4] = pointer to literal, static, or global string
        mov    0x8(%ebp), %eax          ;[esp  ] = [ebp + 8] (this and next instruction)
        mov    %eax, (%esp)
        call   0x8048f9b <strings_not_equal>
        test   %eax, %eax
        je     0x8048f78 <phase_1+34>   ;probably branches to next instruction after ret
        call   0x8049198 <failed>
        leave
        ret
        ...                             ;padding here, nop (0x90) or int 3 (0xcc) are common
phase_1 + 34 ...                        ;continuation of phase_1

Upvotes: 0
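The commented disassembly above, reconstructed as a C function (an added example, not code from the question or either answer). The contents of the string at 0x804a170 are not on the page, so a constructed placeholder stands in, and strings_not_equal is assumed to return 0 exactly when both strings are identical, as the question supposes:

```c
#include <string.h>
#include <stdio.h>

/* Stand-in for the NUL-terminated string that lives at 0x804a170 in the
   binary. Its real contents are not known here; this is a constructed
   placeholder so the example runs offline. */
static const char *const PHASE_1_EXPECTED = "placeholder expected string";

/* Assumed contract of the callee: 0 when the strings match, nonzero
   otherwise (same length and same bytes). */
int strings_not_equal(const char *s1, const char *s2)
{
    if (strlen(s1) != strlen(s2))
        return 1;
    return strcmp(s1, s2) != 0;
}

/* Counts how often the 'failed' path would have been taken. */
static int failed_calls;

static void failed(void)
{
    failed_calls++;
}

/* C view of the disassembled phase_1.
     mov  0x8(%ebp),%eax ; mov %eax,(%esp)   -> first argument  = caller's input
     movl $0x804a170,0x4(%esp)               -> second argument = PHASE_1_EXPECTED
     test %eax,%eax ; je phase_1+34          -> skip 'failed' when result == 0
   Returns 1 if the je would be taken (input matches), 0 if 'failed' runs. */
int phase_1(const char *input)
{
    if (strings_not_equal(input, PHASE_1_EXPECTED) == 0)
        return 1;       /* eax == 0: branch over the call to failed */
    failed();           /* eax != 0: fall through into failed */
    return 0;
}

int main(void)
{
    printf("%d\n", phase_1("placeholder expected string"));  /* 1 */
    printf("%d\n", phase_1("something else"));               /* 0 */
    return 0;
}
```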

Blindy

Reputation: 67352

0x804a170 is a pointer to something considered a "string" by the runtime. Since you give no information about what it is, we can only guess it's either a pointer to the first character, followed by more characters and ending with a 0, or it's a pointer to the first character, and the previous 1/2/4/8 bytes describe the length as an integer.

It's not a string itself.

Upvotes: 2
