Where does the size of the variables defined in the C files appear in the assembly equivalent of the code after the compilation?
Imagine your first code is:
char buffer[2];
char a[3];
and your next code is:
char buffer[3];
char a[2];
where "buffer" and "a" are local variables of a function.
In both cases, the esp is reduced by the same number of bytes when you enter the function, but is there any way to distinguish the border if you do not have access to the source code and you are just disassembling the binary?
I am wondering if there is a segment in the binary that keeps track of the size of variables.
To my knowledge, the only way to tell in this circumstance is to look at how the stack is being used.
Once code is compiled to assembly, type information isn't really preserved; the only thing that can be inferred is the type of assembly instructions being used (whether they operate on a bit, word, double word, etc.).
IDA Pro has a disassemble-to-C feature that is usually mostly accurate; it doesn't reduce to working C most of the time, but it is pretty powerful for fast analysis of ASM. One thing it does is find out the size of arrays; however, a lot of the time it will only type them as byte (or char) arrays, and you might have to analyze the code to see how it's being used exactly.
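As an added illustration of the answer's point (example code, not from the question or the answer), this C program models the two functions from the question the way a disassembler sees them: only rbp-relative displacements and index values survive, and the array boundaries are recovered purely from that stack usage. The displacements (-5, -3, -2) and the 16-byte frame are assumed for illustration, not taken from any real compiler output.

```c
#include <stdio.h>
/* Both declarations need 5 bytes of frame; compilers round that up to the
 * stack alignment, so the "sub rsp, N" in the prologue is the same constant
 * for both (assumption: 16-byte rounding, as on x86-64 SysV). */
#define FRAME_SIZE 16
#define MAX_TRACE 64
/* One store as a disassembler sees it: a fixed displacement from rbp (the
 * array's base) plus an index register. The C declaration itself is gone. */
struct access { int disp; int index; };
struct trace  { struct access a[MAX_TRACE]; int n; };
struct var    { int disp; int size; };
static void record(struct trace *t, int disp, int index) {
    if (t->n < MAX_TRACE) { t->a[t->n].disp = disp; t->a[t->n].index = index; t->n++; }
}
/* "Compiled" body of the two functions in the question (assumed layout).
 * Layout 1: buffer at [rbp-5] (2 bytes), a at [rbp-3] (3 bytes).
 * Layout 2: buffer at [rbp-5] (3 bytes), a at [rbp-2] (2 bytes). */
static void run_layout(int which, unsigned char *frame, struct trace *t) {
    int nbuf = (which == 1) ? 2 : 3, na = 5 - nbuf, disp_a = -na;
    for (int i = 0; i < nbuf; i++) { frame[FRAME_SIZE - 5 + i] = 'B'; record(t, -5, i); }
    for (int i = 0; i < na; i++) { frame[FRAME_SIZE + disp_a + i] = 'A'; record(t, disp_a, i); }
}
/* Recover array boundaries from stack usage alone: each distinct displacement
 * is a base, and its extent is the largest index used with it, plus one.
 * If the code only ever touched element 0, this would under-estimate; the
 * gap to the next base is then the only upper bound a reverser gets. */
static int infer_vars(const struct trace *t, struct var *out, int max) {
    int n = 0;
    for (int i = 0; i < t->n; i++) {
        int j;
        for (j = 0; j < n; j++) if (out[j].disp == t->a[i].disp) break;
        if (j == n) { if (n == max) return n; out[n].disp = t->a[i].disp; out[n].size = 0; n++; }
        if (t->a[i].index + 1 > out[j].size) out[j].size = t->a[i].index + 1;
    }
    return n;
}
/* Size inferred for the array based at `disp` in layout `which`, or -1. */
int inferred_size(int which, int disp) {
    unsigned char frame[FRAME_SIZE] = {0}; struct trace t = {0}; struct var v[4];
    run_layout(which, frame, &t);
    int n = infer_vars(&t, v, 4);
    for (int j = 0; j < n; j++) if (v[j].disp == disp) return v[j].size;
    return -1;
}

int main(void) {
    printf("layout 1: buffer=%d a=%d   layout 2: buffer=%d a=%d\n",
           inferred_size(1, -5), inferred_size(1, -3), inferred_size(2, -5), inferred_size(2, -2));
    return 0;
}
```

Both layouts write exactly five bytes of frame, so only the displacement constants and the loop bounds tell the two apart.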