Assembly Language
AT&T vs. NASM
Two main forms of assembly syntax
Source and destination operands are reversed and different symbols are used to mark the beginning of a comment
NASM format -
CMD <dest>, <source> <;comment>AT&T format -
CMD <source>, <dest> <#comment>
AT&T syntax
used by GNU Assembler (gas) contained in the gcc compiler suite
Netwide Assembler (NASM)
Operands
mov
Copies data from the source to the destination
Value is not removed from the source location
Data cannot be moved directly from memory to a segment register
General purpose register as an intermediate step
mov <dest>, <source>
mov eax, 51h; comment
movl $51h, %eax #comment
add and sub
add - adds the source to the destination and stores the result in the destination
sub - subtracts the source from the destination and stores the result in the destination
add <dest>, <source>
add eax, 51h
addl $51h, %eax
sub <dest>, <source>
sub eax, 51h
subl $51h, %eax
push and pop
Push and pop items from the stack
push <value>
push eax
pushl %eax
pop <dest>
pop eax
popl %eax
xor
conducts a bitwise logical "exclusive or" (XOR)
One option is to use XOR value, value to zero out or clear a register or memory location
AND to determine whether a specific bit within a register or memory location is set or unset, or to determine if a call to a function such as malloc return back the pointer to a chunk as opposed to a null.
xor <dest>, <source>
xor eax, eax
xor %eax, %eax
jne, je, jz, jnz, and jmp
Branch the flow of the program to another location based on the value of the eflag "zero flag"
jne/jnz jumps if the zero flag equals 0
je/jz jumps if the zero flag equals 1
jmp always jumps
jnz <dest> / jne <dest>
jne start
jne start
jz <dest> / je <dest>
jz loop
jz loop
jmp <dest>
jmp end
jmp end
call and ret
call instruction redirects execution to another function
virtual memory after the call instruction is first pushed onto the stack, serving as the return pointer
then redirection of execution to the called function is performed
ret used at the end of a procedure to return the flow to the command after the call
call <dest>
call subroutine 1
call subroutine1
ret
ret
ret
inc and dec
Increment and decrement the destination
inc <dest>
inc eax
incl %eax
dec <dest>
dec eax
decl %eax
lea
Loads the effective address of the source into the destination
can often be seen when passing the destination argument to a string-copying function writing the destination buffer address to the top of the stack as an argument to the gets function
lea <dest>, <source>
lea eax, [dsi +4]
leal 4(%dsi), %eax
System Calls: int, sysenter, and syscall
System calls are a mechanism for a process to request a privileged operation to be performed where the context and execution of code are switched from user mode to kernel mode
Addressing Modes
Register
Registers hold the data to be manipulated. No memory interaction. Both register must be the same size.
mov rbx, rdx add al, ch
Immediate
The source operand is a numerical value. Decimal is assumed; use h for hex.
mov eax, 1234h mov dx, 301
Direct
The first operand is the address of memory to manipulate. It's marked with brackets.
mov bh, 100 mov[4321h], bh
Register Indirect
The first operand is a register in brackets that holds the address to be manipulated.
mov [di], ecx
Based Relative
The effective address to be manipulated is calculated by using ebx or ebp plus an offset value
mov edx, 20[ebx]
Indexed Relative
Same as Based Relative, but edi and esi are used to hold the offset.
mov ecx, 20[esi]
Based Indexed Relative
The effective address is found by combining Based Relative and Indexed Relative modes
mov ax, [bx][si]+1
Last updated