ExpertCore

[Neo]

Following steps need to be followed to call C/C++ functions from an ASM code.

1. Compile C code and get the OBJ file
2. Call the C/C++ function as   .call _funcname(parameters)
   Example:
   

   Code: Select all

            SWAP2      lastVal, reg1
         SWAP4      reg1, reg1

         .call      _write_to_disk(reg1)

         ZERO      lastN
         ZERO      lastVal
         B         savelastVN                  ; Branch


   
   
   There are few things to notice here.
   
   • The C/C++ function is write_to_disk. But we have added '_' prefix. This usual as the compiler adds '_' to functions in the symbol table
   • Whenever we pass a parameter from ASM, we need to make sure the C/C++ function is ready accept the size of a register. For example: In a 32-bit system where registers are 32-bit, the C/C++ function prototype must be something like write_to_disk(int value)

NOTE 1 : If the function is called from inline assembly make sure you don't put the '_'
NOTE 2 : If it is x86 assembly, the calling function is 'call' without the dot (.) prefix.

[Herath]

I have seen programs Pushing parameters in to the stack before calling a function. (While disassembling little executable files.) . I am taking about x86 assembly.

[Neo]

In Intel x86 asm, call and return of functions handled using push/pop (stack) as you said. An example is given below.

Code: Select all

__declspec(naked) unsigned long
SET_AA(unsigned long inputDWord )
{
    __asm
    {
        mov eax, [esp+4]
        mov al, 0xAA
        ret               // final value is in eax
    }
}

__declspec(naked) void
function(unsigned long inputDWord, unsigned long *outputDWord)
{
    _asm
    {
    // you need a prolog/epilog to make C happy
    // here's the prolog:
    push ebp
    mov ebp, esp

    mov ebx, inputDWord    // the value you're going to change
    mov ecx, outputDWord   // address of where to put the result

    push ebx
    call SET_AA // puts the result in eax
    pop ebx

    // copy the result to the thing ecx points to (*outputDWord)
    mov [ecx], eax

    // epilog to keep C happy
    pop ebp
    ret
    }
}


[Herath]

Wow!. You seems to be great at asm. I like to learn that too. I know a bit. But I like to go further. There is no end to it!

Thank you for the explanation. I used to practice reverse engineering of software when I was home after A/Levels. I just had a memory of it.