Simple Integer Array

Reverse Engineering Leave a comment

Hi Engineer,

I would like to write tutorial about C array in the assembly. Lets start from the basic concept

Here is the C code

Here is below the assembly code of the above code that I will explain one by one. The below code is check function.

Basically array will be accessed by the code using this pattern [base_address_of_array + array_index * size_of_an_item_in_array]

base_address_of_array is the first address of the first element of the array.

array_index is the element of the array that you are trying to access

size_of_an_item_in_array is the size of data type of each element of the array. Since our sample is using integer data type then the size is 4 bytes

Okay, We have known the concept of array and how to access it. So let see our code below highlighted

We can see that mov [ebp+eax*4+date] is the operation that assigning the value to array index. But we can see there is additional variable ‘date‘. What is date ?

since this loop opeartion is done in a function then date become local variable to that function which requires offset to the stack. You can see that below image to remind you again. Since the array is a local variable to the check function then the base_address_of_array = ebp+date where the explanation is ebp + offset (-2Ch)

Hasil gambar untuk assembly stack

Here is the reference of data type size that change the size in this code mov [ebp+eax*(Size)+date]

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s