pointer (SFP) and is later used to restore EBP back to its original state.
The current value of ESP is then copied into EBP to set the new frame pointer.
This frame pointer is used to reference the local variables of the function
(flag and buffer). Memory is reserved for these variables by subtracting from
ESP. In the end, the stack frame looks something like this:
Top of the Stack (low addresses)

    buffer
    flag
    Saved frame pointer (SFP)   <-- Frame pointer (EBP)
    Return address (ret)
    a
    b
    c
    d

High addresses
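To make the figure concrete, the following added C program replays the frame construction described above as address arithmetic (this is an illustration written for this page, not code from the book). It starts from the ESP value GDB prints in main() later on this page (0xbffff7f0), stores the four arguments the way `mov DWORD PTR [esp+N]` does, then applies `call` (push EIP), `push ebp`, `mov ebp, esp` and `sub esp, N`, and reports where each item of the figure ends up. The 24 bytes reserved for the locals and the helper names (build_frame, arg_disp, classify, print_frame) are assumptions; the offsets it derives (a at [ebp+8], return address at [ebp+4], SFP at [ebp]) are the standard 32-bit cdecl layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one 32-bit cdecl stack frame as built by the procedure prologue.
   Constructed model: every address is computed, none is read from a real process. */
typedef struct {
    uint32_t caller_esp;    /* ESP in main() just before the arguments are stored */
    uint32_t arg_addr[4];   /* slots holding a, b, c, d (lowest address first) */
    uint32_t ret_slot;      /* slot the call instruction fills with the return address */
    uint32_t sfp_slot;      /* slot `push ebp` fills with the saved frame pointer */
    uint32_t ebp;           /* EBP after `mov ebp, esp`: points at the SFP */
    uint32_t esp;           /* ESP after `sub esp, local_bytes` */
    uint32_t local_bytes;   /* assumed size of the locals region (buffer + flag) */
} frame_t;

/* Replay the steps in order: caller stores args, call pushes EIP,
   prologue pushes EBP, copies ESP into EBP, then reserves the locals. */
frame_t build_frame(uint32_t caller_esp, uint32_t local_bytes) {
    frame_t f;
    f.caller_esp = caller_esp;
    for (int i = 0; i < 4; i++)
        f.arg_addr[i] = caller_esp + 4u * (uint32_t)i;  /* mov DWORD PTR [esp+4*i], arg */
    f.ret_slot = caller_esp - 4;   /* call: pushes the return address */
    f.sfp_slot = f.ret_slot - 4;   /* push ebp: saves the caller's frame pointer */
    f.ebp = f.sfp_slot;            /* mov ebp, esp: EBP now points at the SFP */
    f.local_bytes = local_bytes;
    f.esp = f.ebp - local_bytes;   /* sub esp, N: room for buffer and flag */
    return f;
}

/* Signed displacement of argument i from EBP; cdecl places a at [ebp+8]. */
int32_t arg_disp(const frame_t *f, int i) {
    return (int32_t)(f->arg_addr[i] - f->ebp);
}

/* Classify an address relative to the frame, mirroring the rows of the figure. */
const char *classify(const frame_t *f, uint32_t addr) {
    if (addr >= f->esp && addr < f->ebp)                     return "local (buffer/flag)";
    if (addr == f->sfp_slot)                                 return "saved frame pointer";
    if (addr == f->ret_slot)                                 return "return address";
    if (addr >= f->arg_addr[0] && addr < f->arg_addr[3] + 4) return "argument";
    return "outside frame";
}

/* Print the frame from low to high addresses, in the same order as the figure. */
void print_frame(const frame_t *f) {
    printf("%-22s 0x%08x..0x%08x  (%u bytes)\n", "locals", f->esp, f->ebp - 1, f->local_bytes);
    printf("%-22s 0x%08x  <-- EBP\n", "saved frame pointer", f->sfp_slot);
    printf("%-22s 0x%08x\n", "return address", f->ret_slot);
    for (int i = 0; i < 4; i++)
        printf("argument %c at [ebp%+d]  0x%08x\n", 'a' + i, (int)arg_disp(f, i), f->arg_addr[i]);
}

int main(void) {
    /* 0xbffff7f0 is the ESP GDB shows in main() on this page;
       24 bytes of locals is an assumption, not a value from the book. */
    frame_t f = build_frame(0xbffff7f0u, 24);
    print_frame(&f);
    return 0;
}
```

Reading the printout top to bottom reproduces the figure: the locals sit lowest, EBP points at the saved frame pointer, the return address is one dword above it, and the arguments follow at [ebp+8], [ebp+12], [ebp+16] and [ebp+20]. The classify() helper is the part worth keeping in mind for the later chapters: any write that runs past the end of the locals region lands first on the SFP and then on the return address.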
We can watch the stack frame construction on the stack using GDB. In the
following output, a breakpoint is set in main() before the call to test_function()
and also at the beginning of test_function(). GDB will put the first breakpoint
before the function arguments are pushed to the stack, and the second
breakpoint after test_function()'s procedure prologue. When the program is
run, execution stops at the first breakpoint, where the registers ESP (stack pointer),
EBP (frame pointer), and EIP (execution pointer) are examined.
(gdb) list main
4
5 flag = 31337;
6 buffer[0] = 'A';
7 }
8
9 int main() {
10 test_function(1, 2, 3, 4);
11 }
(gdb) break 10
Breakpoint 1 at 0x8048367: file stack_example.c, line 10.
(gdb) break test_function
Breakpoint 2 at 0x804834a: file stack_example.c, line 5.
(gdb) run
Starting program: /home/reader/booksrc/a.out
Breakpoint 1, main () at stack_example.c:10
10 test_function(1, 2, 3, 4);
(gdb) i r esp ebp eip
esp 0xbffff7f0 0xbffff7f0
ebp 0xbffff808 0xbffff808
eip 0x8048367 0x8048367 <main+16>
(gdb) x/5i $eip
0x8048367 <main+16>: mov DWORD PTR [esp+12],0x4