Functions
Files used ->10-function.c, 10-function.exe, 10-1-function-param.c, 10-1-function-param.exe, 10-function-cmdline-arg.c, 10-function-cmdline-arg.exe
Last updated
Files used ->10-function.c, 10-function.exe, 10-1-function-param.c, 10-1-function-param.exe, 10-function-cmdline-arg.c, 10-function-cmdline-arg.exe
Last updated
Loading the file in disassembly and locating main function →
We have our main function → sub_401020
Will go to this function →
This is a simple one, we have prologue then a call to another function then the return 0 via xor and lastly epilogue.
Since this is user code, we will have to look for other function call as well.
Here, we can see that a string (’I just got executed’) is being printed.
Lets see source code→
This was just a simple function call.
Another program →
Locating Main function and moving in it.
Here, inside main function. We can see call to a single function sub_401000 thrice and different argument passed everytime (Liam, Jenny, Anja)
This can be print function. Lets look into this function to see if its C lib function or user code function.
Inside sub_401000, we can see another function call with some arguments which seems to be argument for printf, pushing value, pushing offset. In offset we can see “Hello %s\n”. Which is highly unlikely to be in printf function (C lib), to call printf function inside it. Therefore, this (sub_401000) is also a User code function.
We have arg_0, which is the argument passed from main function to this function. This argument is pushed onto the stack, along with Offset and printf function is called.
Inshort, main function is calling other function with 1 argument, and that function is printing that Argument.
Let see the source code→
Lets see an example of command line argument →
If we look at the standard syntax of main function we have a few default arguments. The first one is argc, which denotes the count of argument provided to main. Then we have a pointer array argv[] which points to each argument passed.
Lets look at the disassembly.
Here, we have first arg_0, which is argc and then arg_4 i.e. argv[]
Then a comparison with arg_0 is done with 2, that means it is checking if the number of argument is 2.
Then we can see if the comparison does not satisfy then execution moves to right , where it prints ‘Please Provide Argument’. Else it moves to left, then moves arg_4 into the register and pushes onto stack for printing that argument.
Lets see the source code→
