assembly - How the stack is overwritten via deferencing MOV operation [Assembler x86]?

Question

Welcome To Ask or Share your Answers For Others

assembly - How the stack is overwritten via deferencing MOV operation [Assembler x86]?

posted Oct 7, 2021 in Technique[技术] by 深蓝 (71.8m points)

assembly - How the stack is overwritten via deferencing MOV operation [Assembler x86]?

I am learning how to use Ghidra Tool and I have a question of how to interpret one function. This is the simplified version:

Take this scenario: the location [RBP – 0x40], of the stack, has this value: 0xFFFF7710 (indeed this value is an address of another element in the stack... but for the question, this is irrelevant).

Now we store the address of that value in a register:

LEA RAX, [RBP – 0x40]

And finally, we execute these two instructions:

MOV EDX, 0xFFFF5520
MOV [RAX], DL

The final content in the stack [RBP – 0x40] is 0xFFFF7720, 0x00000020 or 0xFFFFFF20 ?

Is overwritten all the content of the stack [RBP – 0x40] via the last MOV operation or only the last byte ?

Thanks.

question from:https://stackoverflow.com/questions/65541444/how-the-stack-is-overwritten-via-deferencing-mov-operation-assembler-x86

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-06T18:52:47+0000

The result is 0xFFFF7720. Storing a byte to memory does not affect the other bytes of that word. (You could test it...)

Categories

assembly - How the stack is overwritten via deferencing MOV operation [Assembler x86]?

assembly - How the stack is overwritten via deferencing MOV operation [Assembler x86]?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags