1285EC4: INT 3                        ; INT 3 filler between functions: never reached by fall-through,
1285EC5: INT 3                        ;   and a stray jump into the gap traps to the debugger instead
1285EC6: INT 3                        ;   of executing leftover bytes
1285EC7: INT 3
1285EC8: INT 3
1285EC9: INT 3
1285ECA: INT 3
1285ECB: INT 3
1285ECC: INT 3
1285ECD: INT 3
1285ECE: INT 3
1285ECF: INT 3
1285ED0: CMP DWORD PTR [0128F4E8],01  ; function entry: compare the global dword at 0128F4E8 with 1
1285ED7: JNE 01285EDE                 ; not equal -> skip the call below
1285ED9: CALL 012875B0                ; executed only when [0128F4E8] == 1
1285EDE: MOV EAX,DWORD PTR [ESP+04]   ; EAX = first stack argument ([ESP] holds the return address)
1285EE2: PUSH EAX                     ; pass it as the sole argument ...
1285EE3: CALL 012875F0                ; ... to the routine at 012875F0
1285EE8: ADD ESP,04                   ; caller pops the 4-byte argument (caller-cleans convention)
1285EEB: PUSH 000000FF                ; argument 0xFF ...
1285EF0: CALL DWORD PTR [0128F4E4]    ; ... to whatever function pointer is stored at 0128F4E4 (indirect call)
                                      ; NOTE(review): 0128F4E4 is a data-area slot 4 bytes below the flag tested
                                      ;   at 1285ED0. A writable function pointer in data is a classic control-flow
                                      ;   hijack target for any memory-corruption bug that can reach it; the listing
                                      ;   does not show section protections - confirm whether the slot is writable.
1285EF6: ADD ESP,04                   ; caller pops the argument again
1285EF9: RET                          ; return; no value is set explicitly, EAX is whatever the last call left
1285EFA: INT 3                        ; INT 3 filler up to the next function start
1285EFB: INT 3
1285EFC: INT 3
1285EFD: INT 3
1285EFE: INT 3
1285EFF: INT 3
1285F00: MOV EAX,DWORD PTR [ESP+04]   ; EAX = first stack argument ([ESP] holds the return address)
1285F04: MOV [0128F4F0],EAX           ; store it in the global at 0128F4F0 (a plain setter; this slot is
                                      ;   8 bytes past the flag at 0128F4E8 read by the previous function)
1285F09: RET                          ; return; the stored value is also left in EAX
Figure 3 HoseStack.cpp
#include <string.h>
#include <stdio.h>
/*
 * HoseStack: deliberately corrupts its own stack frame.
 *
 * strcpy() writes 14 bytes (13 characters plus the NUL terminator) into a
 * 4-byte buffer, so 10 bytes land in whatever the compiler placed after
 * szBuffer in the frame (saved registers, the return address, ... - the
 * exact victims depend on the compiler's frame layout, which is the point
 * of the demonstration).
 *
 * The overflowed buffer is then handed to printf() as the format string.
 * The literal contains no '%' so it prints verbatim here, but passing a
 * non-literal format string is the classic format-string bug (CERT FIO30-C):
 * attacker-controlled '%' directives would read, and with %n write, the stack.
 *
 * This is demonstration code; a real program would use a bounded copy
 * (snprintf(szBuffer, sizeof szBuffer, "%s", ...)) and printf("%s", szBuffer).
 */
int main()
{
char szBuffer[4];
strcpy( szBuffer, "Hello World!\n" );  /* intentional overflow: 14 bytes into 4 */
printf( szBuffer );                     /* intentional: buffer used as the format string */
return 0;
}
Figure 4 String Instructions and Registers
MOVSB, MOVSW, MOVSD | Reads from ESI, writes to EDI |
SCASB, SCASW, SCASD | Reads from EDI |
STOSB, STOSW, STOSD | Writes to EDI |
LODSB, LODSW, LODSD | Reads from ESI |
Figure 5 RecursionOverflow.cpp
/*
 * Recurses on itself unconditionally: there is no base case, so every call
 * pushes another frame until the stack is exhausted (the intended
 * demonstration). The parameter is passed straight through and never
 * inspected, so its value does not matter.
 *
 * NOTE(review): with optimisation enabled a compiler may turn this tail
 * call into a jump, so no new frame is pushed per call and the overflow
 * may never occur; reproduce in an unoptimised build - confirm against the
 * build settings used for the figure.
 */
int foo( int i )
{
return foo( i );
}
/* Entry point: starts the unbounded recursion. The argument is arbitrary;
 * foo() never examines it. */
int main()
{
return foo( 2 );
}