hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Is it possible to access this value..??
62  2876 
jt wrote:
hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Is it possible to access this value..??
Of course it is. Most viruses do.
But we will not tell you how.
--
jacob navia
jacob at jacob point remcomp point fr
logiciels/informatique http://www.cs.virginia.edu/~lcc-win32
On Sun, 03 Aug 2008 09:32:16 -0700, jt wrote:
hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun().. the
return address is pushed to the stack..
(I'll pretend you just wrote "the return address is saved" instead.)
Not on my system, and if it is on yours, consider getting a better
compiler. It's possible for the compiler to either see that fun has no
side effects and eliminate the call, or to inline fun. The former probably
won't happen if you make fun actually do something, but the latter quite
possibly will. If it is, there is no return address, so there is no
location holding the return address.
Is it possible to access this value..??
If the value exists at all, there is no standard way to access it. Some
implementations have options for this; check the documentation. But even
if you find it, what could you sensibly do with it?
jt wrote:
hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
This needn't be so. The compiler could inline fun, eliminate it
altogether, store the "return address" on a different stack etc. IOW,
this is a detail of your implementation and it can vary in seemingly
unpredictable ways.
Is it possible to access this value..??
Not from portable C code. You'll need to know in fair detail the calling
conventions for your implementation, and make sure that optimisations
like inlining are not in effect for this function. Practically
speaking, you'll have to learn the internals of your implementation and
the assembly language that is used on your system.
Some implementations provide convenient extensions for this purpose
(example, gcc's __builtin_retur n_address intrinsic), on others you may
have to resort inline assembler.
jacob navia wrote:
jt wrote:
>hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Is it possible to access this value..??
Of course it is. Most viruses do.
But we will not tell you how.
A truly determined and talented virus writer isn't going to be put off
by your answer. In fact, such persons probably won't post in this
group, in the first place. It's probable that curiosity is what's
motivating the OP to ask this question.
jt <ka**********@g mail.comwrites:
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Maybe, maybe not. The language says only that after the function
finishes, execution continues after the call. It says nothing about
how this is accomplished. The C standard doesn't even mention a
"stack", and yes, there really are C implementations that don't use a
contiguously allocated hardware stack.
Is it possible to access this value..??
It's not possible to access this value portably given the code you've
presented.
If you like, you can maintain your own stack of function addresses.
For example, on entry to each function, you can push the address of
the current function onto a stack (a data structure you can implement
in any of a variety of ways) of function pointers. But this only
gives you the address of each *function*; it doesn't tell you where
within a function a call occurred.
Assuming the call to fun() isn't inlined, there's probably some
information somewhere in memory that's a close approximation of what
you're looking for. As I said, there's no portable way to get at that
information. A debugger (such as gdb) does maintain such information
and lets you display it as the program runs under its control, but it
uses an intimate knowledge of the particular system to do so.
If you have some real reason to access that kind of information
yourself, you'll have to ask in a forum that discusses the particular
system you're using -- and any information you get is likely to be
inapplicable to other systems.
--
Keith Thompson (The_Other_Keit h) ks***@mib.org <http://www.ghoti.net/~kst>
Nokia
"We must do something. This is something. Therefore, we must do this."
-- Antony Jay and Jonathan Lynn, "Yes Minister"
In article <g7**********@r egistered.motza rella.org>,
santosh <sa*********@gm ail.comwrote:
>jacob navia wrote:
>jt wrote:
>>in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Is it possible to access this value..??
>Of course it is. Most viruses do.
But we will not tell you how.
>A truly determined and talented virus writer isn't going to be put off
by your answer. In fact, such persons probably won't post in this
group, in the first place. It's probable that curiosity is what's
motivating the OP to ask this question.
Why do you lock your car? A truly determined and talented car thief
isn't going to be put off by the car door locks, and probably
wouldn't post about car door locks in public the first place.
It's probable that curiosity is what is motivating anyone asking
about car door locks -- so why not just leave your doors unlocked
or tell everyone where you hide the spare key?
I don't know about where you live, but where I live, there is a
serious problem with what are referred to as "joy riders" --
children 12 to 17 who wander around and when they see an
unprotected car, steal it and race around in it, abandoning
it somewhere else, usually after having banged up the car a bit
either through carelessness or as part of the "fun". This isn't just a
problem of a little bit of vandalism and "redistribution " of property:
there have been a number of high-speed police chases, and there have
been people killed by the crashes (these theives often don't
respect red lights.)
Is there a problem with professional car theives in this city? Yes.
But the professionals usually drive carefully, because they don't
want to attract attention to themselves. There is a bigger problem
with the unprofessional joy riders. How do the joy-riders decide
what to steal? Answer: what-ever is most convenient. Left
your car running for 3 minutes while you dashed into a convenience
store to get a package of cigarettes? Good-bye car... Secured
your steering wheel with a locking device ("a club") while your
neighbour didn't bother? Good-bye your -neighbour's- car, yours
wasn't worth the bother to a joy rider.
Moral: If someone is determined to write a virus or similar,
at least make them *work* for it. Don't make it easy for people
to go joy-hacking: there are a lot of people who can't be bothered
to get serious about such things, but will do it if it is easy.
--
"The quirks and arbitrariness we observe force us to the
conclusion that ours is not the only universe." -- Walter Kistler
Walter Roberson wrote:
In article <g7**********@r egistered.motza rella.org>,
santosh <sa*********@gm ail.comwrote:
>>jacob navia wrote:
>>jt wrote:
>>>in this program, when the control is transferred to function
fun().. the return address is pushed to the stack..
Is it possible to access this value..??
>>Of course it is. Most viruses do.
But we will not tell you how.
>>A truly determined and talented virus writer isn't going to be put off
by your answer. In fact, such persons probably won't post in this
group, in the first place. It's probable that curiosity is what's
motivating the OP to ask this question.
Why do you lock your car? A truly determined and talented car thief
isn't going to be put off by the car door locks, and probably
wouldn't post about car door locks in public the first place.
It's probable that curiosity is what is motivating anyone asking
about car door locks -- so why not just leave your doors unlocked
or tell everyone where you hide the spare key?
I hope you can see the difference between securing property and refusing
to answer a rather commonly asked question based on unwarranted
assumptions. Even if the OP were not given a single useful answer here,
it's still *trivially* easy to find out the details for his system.
Such information is available all over the Net. Besides getting at the
return address is only the first step to writing really good viruses -
they aren't as easy anymore as they once were. OTOH a locked car is
very difficult to steal, thus the precaution makes a great deal of
sense.
<snip>
Moral: If someone is determined to write a virus or similar,
at least make them *work* for it. Don't make it easy for people
to go joy-hacking: there are a lot of people who can't be bothered
to get serious about such things, but will do it if it is easy.
I think we differ as to whether the OP's question has a hidden agenda to
it or not. I took it at face value, as I myself have once considered
such matters out of sheer curiosity.
On 2008-08-03, Walter Roberson <ro******@ibd.n rc-cnrc.gc.cawrote :
In article <g7**********@r egistered.motza rella.org>,
santosh <sa*********@gm ail.comwrote:
>>jacob navia wrote:
>>jt wrote:
>>>in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Is it possible to access this value..??
>>Of course it is. Most viruses do.
But we will not tell you how.
>>A truly determined and talented virus writer isn't going to be put off
by your answer. In fact, such persons probably won't post in this
group, in the first place. It's probable that curiosity is what's
motivating the OP to ask this question.
Why do you lock your car? A truly determined and talented car thief
isn't going to be put off by the car door locks, and probably
wouldn't post about car door locks in public the first place.
It's probable that curiosity is what is motivating anyone asking
about car door locks -- so why not just leave your doors unlocked
or tell everyone where you hide the spare key?
I don't know about where you live, but where I live, there is a
serious problem with what are referred to as "joy riders" --
children 12 to 17 who wander around and when they see an
unprotected car, steal it and race around in it, abandoning
it somewhere else, usually after having banged up the car a bit
either through carelessness or as part of the "fun". This isn't just a
problem of a little bit of vandalism and "redistribution " of property:
there have been a number of high-speed police chases, and there have
been people killed by the crashes (these theives often don't
respect red lights.)
Is there a problem with professional car theives in this city? Yes.
But the professionals usually drive carefully, because they don't
want to attract attention to themselves. There is a bigger problem
with the unprofessional joy riders. How do the joy-riders decide
what to steal? Answer: what-ever is most convenient. Left
your car running for 3 minutes while you dashed into a convenience
store to get a package of cigarettes? Good-bye car... Secured
your steering wheel with a locking device ("a club") while your
neighbour didn't bother? Good-bye your -neighbour's- car, yours
wasn't worth the bother to a joy rider.
Moral: If someone is determined to write a virus or similar,
at least make them *work* for it. Don't make it easy for people
to go joy-hacking: there are a lot of people who can't be bothered
to get serious about such things, but will do it if it is easy.
My last job (hacking Plan 9 kernel stuff) involved essentially this
same problem. I ended up diddling the stack in assembly to save time,
but I spent quite a while researching what happens to the stack
when you call functions; the original plan was to mess with the
stack from within a C function, making the entire thing portable.
(We were writing a kernel tracing/profiling device that did some
stuff whenever a function was called or exited).
It's not all about viruses.
John
In article <38************ *************** *******@v1g2000 pra.googlegroup s.com>
jt <ka**********@g mail.comwrote:
>hello everyone..
int fun()
{
/* anything */
}
int main(void)
{
fun();
}
in this program, when the control is transferred to function fun()..
the return address is pushed to the stack..
Actually, it is put in the register "lr" (PPC), "ra" (MIPS), "%o7"
(SPARC), or 14 (IBM S/390; spelled %r14 in GNU assembler). As
others have noted, if fun() is expanded in line, there is no control
transfer at all. But on the VAX and PDP-11, it is indeed placed
on the (hardware) stack.
>Is it possible to access this value..??
Clearly, if it is accessible at all, the method will vary, since
it is in different places on each of these architectures.
--
In-Real-Life: Chris Torek, Wind River Systems
Salt Lake City, UT, USA (40°39.22'N, 111°50.29'W) +1 801 277 2603
email: gmail (figure it out) http://web.torek.net/torek/index.html This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Andrew |
last post by:
Last night I was reading about implementing my own stack. The example
given pushes items on and off the stack at the start and end of each
procedure (ie. in a std module). What's not so clear is how this
would work with class objects. In this case do you have to push the
object on the stack at the start of every public procedure etc. in the
class and pop it off at the end? I can't see how else you can know
which object is active - or...
|
by: Kevin Grigorenko |
last post by:
Hello,
I couldn't find an obvious answer to this in the FAQ. My basic question,
is: Is there any difference in allocating on the heap versus the stack? If
heap or stack implementation is not part of the standard, then just
disregard this question. Here's some questions I'm confused about, and if
you can add anything else, please do so!
Is the stack limited for each program?
|
by: Chris Mabee |
last post by:
Hello all, and Merry Christmas,
I'm having a problem understanding an example of an array based
implementation of a stack in a textbook of mine. The code in question
is written below. The syntax is directly as in the book, except for
where I added the comments at the lines I wanted to refer to or to skip
sections of code.
template <class Element_Type>
class Stack
{
|
by: anonymous |
last post by:
Thanks your reply.
The article I read is from
www.hakin9.org/en/attachments/stackoverflow_en.pdf.
And you're right. I don't know it very clearly. And that's why I want
to understand it; for it's useful to help me to solve some basic
problem which I may not perceive before.
I appreciate your help,
sincerely.
|
by: LedZep |
last post by:
What up everyone,
I have to write a program that uses a stack to determine whether a
string is a palindrome (a string that is spelled identically backward
and forward). The program has to ignore spaces, case sensitivity and
punctuation.
I need three text boxes. The first will be for input of the string.
The second will display the string when the "check" button is clicked
and the result of the analysis (string is a palindrome or is...
| | |
by: alisaee |
last post by:
plz check what i have made wrong what is requierd her is to creat class
queue and class stack and run the push,pop operation .
#include<iostream.h>
#include<conio.h>
#include<stdio.h>
class stack
{
public:
|
by: sarathy |
last post by:
Hi all,
I need a few clarifications regarding memory allocaion in C++.
I apologize for the lengthy explanation.
1. In C++, Objects are allocated in heap.
What does heap refer to? Is it an area in RAM/Memory or does it refer
to a data structure being used for storing objects.
2. In C++, functions and its local variables go in stack.
If local variables that are primitives go in stack, it is OK. But what
|
by: John |
last post by:
I know this is a very fundamental question. I am still quite confused
if the program call stack stack should always grows upwards from the
bottom, or the opposite, or doesn't matter??
That means the stack pointer should go upwards when there are "push"
operations,
and stack pointer should go downards when there are "pop" operations??
If this is the case, the address should go upwards (increasing) or
downards (decreasing) then? i.e....
|
by: alfie27 |
last post by:
I currently have a working program that is a stack that stores integers. Now i have to convert it to store strings instead of integers. I have been working on this for hours and just keep getting errors of all kinds. I have decided to start from scratch. Any suggestions someone can give me would be greatly appreciated!!
Here is the current code:
#include <iostream>
using std::cout;
using std::cin;
#include <cstring>
using std::strcpy;
|
by: tom |
last post by:
Hi! Im new to Python and doing exercise found from internet. It is
supposed to evaluate expression given with postfix operator using
Stack() class.
class Stack:
def __init__(self):
self.items =
def push(self, item):
self.items.append(item)
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
