Debugging, Disassembly & Reversing in Linux for x64 Architecture/

...

/

Summary of Code

Summary of Code

Review the concepts we’ve covered in this course, such as prolog / epilog functions, LEA, passing parameters, accessing stored parameters, and local variables.

We'll cover the following...

Here is a summary of the concepts we encountered in this course.

Function prolog / epilog

Let’s start with function prologs and function epilogs.

Function prolog

The function prolog is composed of these instructions:

Assembly (GAS x86)
push %rbp
mov %rsp,%rbp

Function epilog

The function epilog is composed of these instructions:

Assembly (GAS x86)
mov %rbp,%rsp
pop %rbp
ret

This code is equivalent to:

Assembly (GAS x86)
leave
ret

Some code may not restore %RSP if it does not change:

Assembly (GAS x86)
pop %rbp
ret

Knowing the prolog can help identify incorrect symbol files or function start addresses. For example, suppose we have the ...