Understand code C++/Assembly


Viewed 337 times

0

I am studying Node, and in the process I decided, to help with the study, to migrate a system written in C/C++ to Node. However, I am not familiar with C/C++, and I came across a piece of code that I am not able to understand very well. Could you help me?

__declspec(naked) void NKD_AddMessage()
{
    __asm
    {
        PUSH [EBP + 0xC]
        PUSH [EBP + 0x8]
        CALL HKD_AddMessage
        ADD ESP, 0x8

        PUSH EAX

        MOV EAX, 0x41F8C0
        CALL EAX

        POP EAX

        MOV DWORD PTR SS:[EBP + 0x8], EAX
        MOV DWORD PTR SS:[EBP - 0x108], EAX

        RETN
    }
}
  • 1

    Will you convert this to Node? Good luck, you will need a lot.

1 answer

-2


This is not C++, it is Assembly (machine code). It is the call sequence of a function in Assembly.

The call sequence stacks the parameters for the HKD_AddMessage function (the PUSH [EBP+...] instructions), and then the function is executed. When HKD_AddMessage returns, the previously stacked parameters are popped (ADD SP,8).

Next, the function at address 0x41F8C0 is called indirectly (CALL EAX). This function leaves a result on the stack, which is recovered in the EAX register (POP EAX) and saved in two memory addresses in the stack area (PUSH DWORD PTR SS:[EBP etc).

There may be some detail that is not quite right (I am writing from memory, without consulting anything), but in general it is what I wrote above.

  • Fix: the HKD_AddMessage function left a result in the EAX register; this result is saved to the stack (PUSH EAX) before the call to the function at 0x41F8C0; on return from that function, the value that was saved on the stack is restored to EAX, and it is this value (returned by the 1st function call) that is saved in the SS:[EBP + 0x8] and SS:[EBP + 0x108] positions. I guess that’s it. :)

  • 1

    I do not believe that "Assembly" is machine code. I believe that Assembly is a low-level language, which is assembled into machine code by an assembler. I may be wrong, but I don’t believe so.

  • @Precious magichat

  • 1

    If you believe that the correct definitions are preciousness, you should review your definition of preciousness.

  • @Magichat thanks for the advice

  • Hehe... If you edit what is wrong in your reply, I can convert my vote.

  • The belief that Assembly and machine code are the same thing can bring about a series of theoretical errors that would harm the understanding of the language. The conversion of ASM instructions into machine code is done by the assembler based on the operators used; believing that they are the same thing would bring the false belief that instructions with different operators are equal (as in ASM). And I’ve seen a lot of people who have a hard time understanding instructions because of it. Another example would be the fact that the process of converting Assembly to machine code is totally "masked" as non-existent.

  • Just one more example: things like prefixes and attributes of the instructions are hard to understand if you think Assembly and machine code are the same; the same goes for addressing using ModR/M and SIB bytes. The abstraction level of Assembly is very low, but there is still abstraction.

  • Hmmm...one of my first big projects in college was writing an assembler...at the end of the course we wrote a compiler...and that was last century...it is logical that Assembly does not always convert 1 to 1 into machine code, but for the answer in question it is irrelevant......

  • It is irrelevant indeed, I am not proposing that this be explained in this answer. The question is only the wrong information that Assembly is machine code. It would be the same mistake to claim that a mixer is a motor. It’s not precious, it’s nowhere near precious.

  • You are not obliged to correct your mistake; I am just leaving the correction here for other people who may read this. Reducing the correct information to the word "preciousness" ends up disturbing the learning of others. You don’t need to correct your mistake, but this way you encourage others to make the same mistake.

  • Actually, that’s C++, yes, merged with Assembly. Assembly is what’s inside the __asm loop. It’s hard to see that, but it’s possible... whoever needs the best possible performance uses it, or simply does so because they like to twiddle bits...

  • and more specifically, microsoft c++ "__declspec" is an extension of microsoft c++ to signal functions to the compiler, used for example to tell which function will be exported in a dll
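
The corrected reading of the stub (the "Fix" comment under the answer), traced instruction by instruction in a small C model; this is an added example, not code from the question or the answer. The stand-ins `hkd_add_message` and `original_41f8c0`, their return values, and the frame layout in `make_frame` are assumptions, and CALL/RETN return addresses are not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Word-addressed model of the registers and stack the stub touches.
   All values are constructed for illustration. */
typedef struct {
    uint32_t eax, esp, ebp;   /* esp and ebp are indexes into mem[] */
    uint32_t mem[512];
} Cpu;

static void push(Cpu *c, uint32_t v) { c->mem[--c->esp] = v; }
static uint32_t pop(Cpu *c)          { return c->mem[c->esp++]; }

/* Stand-in for HKD_AddMessage: two stack arguments, result in EAX. */
static void hkd_add_message(Cpu *c) {
    uint32_t arg1 = c->mem[c->esp];       /* pushed last:  [EBP + 0x8] */
    uint32_t arg2 = c->mem[c->esp + 1];   /* pushed first: [EBP + 0xC] */
    c->eax = arg1 ^ arg2;                 /* made-up return value */
}

/* Stand-in for the routine at 0x41F8C0: only its EAX clobber matters. */
static void original_41f8c0(Cpu *c) { c->eax = 0xDEADBEEF; }

uint32_t run_stub(Cpu *c) {
    push(c, c->mem[c->ebp + 0xC / 4]);    /* PUSH [EBP + 0xC] */
    push(c, c->mem[c->ebp + 0x8 / 4]);    /* PUSH [EBP + 0x8] */
    hkd_add_message(c);                   /* CALL HKD_AddMessage */
    c->esp += 0x8 / 4;                    /* ADD ESP, 0x8 (drop both args) */
    push(c, c->eax);                      /* PUSH EAX (save hook result) */
    c->eax = 0x41F8C0;                    /* MOV EAX, 0x41F8C0 */
    original_41f8c0(c);                   /* CALL EAX (overwrites EAX) */
    c->eax = pop(c);                      /* POP EAX (hook result is back) */
    c->mem[c->ebp + 0x8 / 4] = c->eax;    /* MOV [EBP + 0x8], EAX */
    c->mem[c->ebp - 0x108 / 4] = c->eax;  /* MOV [EBP - 0x108], EAX */
    return c->eax;                        /* RETN */
}

/* Assumed frame: EBP set by the enclosing function, locals below it. */
Cpu make_frame(uint32_t arg1, uint32_t arg2) {
    Cpu c = {0};
    c.ebp = 400;
    c.esp = c.ebp - 0x110 / 4;
    c.mem[c.ebp + 0x8 / 4] = arg1;
    c.mem[c.ebp + 0xC / 4] = arg2;
    return c;
}

int main(void) {
    Cpu c = make_frame(0x1111, 0x2222);
    printf("EAX after stub = 0x%X\n", (unsigned)run_stub(&c));
    return 0;
}
```

The value written to both stack slots is the hook's return value, not whatever the routine at 0x41F8C0 leaves in EAX, and ESP ends where it started.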
