Posts ASM Snippets
Post
Cancel

ASM Snippets

Hex


0x prefixed or h postfixed. 0 to 15 represented by 0 to f:

HexDecimal
00
11
22
33
44
55
66
77
88
99
a10
b11
c12
d13
e14
f15

Datatypes


  • 8-bit (1 byte) = char (or BYTE)
    • In hex, can be 0x00 to 0xFF
  • 16-bit (2 bytes) = short int (often referred to as a WORD)
    • In hex, can be 0x0000 to 0xFFFF
  • 32-bit (4 bytes) = long int (often referred to as a DWORD or double-WORD)
    • In hex, can be 0x00000000 to 0xFFFFFFFF
  • 64-bit (8 bytes) = long long (often referred to as a QWORD or quad-WORD)
    • In hex, can be from 0x0000000000000000 to 0xFFFFFFFFFFFFFFFF

Registers


  • Volatile: ecx, edx
  • Non-Volatile: ebx, esi, edi, ebp
  • Special: eax, esp

eax - Primary Accumulator - used in i/o and most arithmatic
ebx - Base Register - can be used in indexed addressing
ecx - Count Register - store the loop count in interative operations
edx - Data Register - also used in i/o, alongside ax/dx for multiply and divide operations
ebp - Extended Base Pointer - points to the beginning of the local environment for a function
esi - Extended Source Index - holds the data source offset in an operation using a memory block
edi - Extended Destination Index - hold the destination data offset in an operation using a memory block
esp - Extended Stack Pointer - points to the top of the stack
eip - Extended Instruction Pointer - points to the address of the next instruction to be executed

64-bit registerLower 32 bitsLower 16 bitsLower 8 bits
raxeaxaxal
rbxebxbxbl
rcxecxcxcl
rdxedxdxdl
rsiesisisil
rdiedididil
rbpebpbpbpl
rspespspspl
r8r8dr8wr8b
r9r9dr9wr9b
r10r10dr10wr10b
r11r11dr11wr11b
r12r12dr12wr12b
r13r13dr13wr13b
r14r14dr14wr14b
r15r15dr15wr15b

Memory Segments


  • Environment/Arugments - store a copy of system-level variables that may be needed by the process during runtime
  • Stack - keeps track of function calls (recursively) and grows from the higher-addressed memory to the lower-addressed memory (usually)
  • Heap - stores dynamically allocated variables and grows from the lower-addressed memory to the higher-addressed memory (allocation controlled through malloc() and free())
  • .bss - store global noninitialised variables (int a = 0;)
  • .data - store global initialised variables (int a;)
  • .text - actual code
This post is licensed under CC BY 4.0 by the author.