
01 – Calling Conventions



Objectives
• Learn about different calling conventions
• Understand how they are used and why


Calling Conventions
Calling conventions are essentially rules that must be followed when calling functions.
There are two parts to calling conventions:
• How arguments are passed to the function
• Who’s responsible for argument clean-up


__cdecl
• Default calling convention for C and C++
• Arguments are passed right to left
• Stack cleanup is done by the caller
• This calling convention can be specified by placing __cdecl before the function name


__cdecl Example
[Figures: Function, IDA, Call]
Notice that both a and b are pushed onto the stack, b first and then a. The caller (main) then cleans up the stack, and fstp is used to store the returned value into sum.


__stdcall
• Used to call Win32 API functions
• Callee cleans the stack
• Arguments are passed right to left
• This calling convention can be specified by placing __stdcall before the function name


__stdcall Example
[Figures: Function, IDA, Call]
Notice that both a and b are pushed onto the stack, b first and then a. This time the caller doesn’t clean up the stack, so there is no add esp, 8.


__fastcall
• Arguments are first placed in registers rather than the stack, which in turn yields better performance
• The first two arguments that require 32 bits or less are placed into ECX and EDX; the rest are pushed to the stack from right to left
• Callee cleans the stack
• This calling convention can be specified by placing __fastcall before the function name


__fastcall Example
[Figures: Function, IDA, Call]
The difference is easy to see here. There are no pushes to the stack; instead b is stored in EDX, then a is stored in ECX. The function is called and the callee cleans up the stack.
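The cues called out in the three examples above (push order, add esp after the call, arguments in ECX/EDX) can be turned into a small classifier for a call site. This is an added example, not part of the original slides: the listings are constructed 32-bit x86 in IDA-like syntax for an integer add(a, b), the names SAMPLES, BODY, imm, reads_first and classify are hypothetical, and the heuristic covers only the three conventions discussed here.

```python
import re

# Constructed 32-bit x86 listings (IDA-like syntax), not taken from the slides.
# Each sample is (instructions around the call, callee body).
BODY = ["push ebp", "mov ebp, esp", "mov eax, [ebp+8]",
        "add eax, [ebp+0Ch]", "pop ebp"]
SAMPLES = {
    "cdecl": (["push 2", "push 1", "call add", "add esp, 8"], BODY + ["retn"]),
    "stdcall": (["push 2", "push 1", "call add"], BODY + ["retn 8"]),
    "fastcall": (["mov edx, 2", "mov ecx, 1", "call add"], ["lea eax, [ecx+edx]", "retn"]),
}

def imm(tok):
    """Parse an IDA-style immediate: '8' is decimal, '0Ch' is hex."""
    tok = tok.lower()
    return int(tok[:-1], 16) if tok.endswith("h") else int(tok)

def reads_first(callee, reg):
    """True if the callee uses reg as an input before overwriting it."""
    for ins in callee:
        mnem, _, ops = ins.partition(" ")
        dst, _, src = ops.partition(",")
        plain_write = mnem in ("mov", "lea", "pop") and dst.strip() == reg
        if reg in src or (reg in dst and not plain_write):
            return True
        if plain_write:
            return False
    return False

def classify(call_site, callee):
    """Return (convention, stack bytes cleaned) for one call site and its callee."""
    idx = next(i for i, ins in enumerate(call_site) if ins.startswith("call"))
    before, after = call_site[:idx], call_site[idx + 1:]
    # Caller cleanup shows up as "add esp, N" right after the call.
    m = re.match(r"add\s+esp,\s*(\w+)", after[0]) if after else None
    if m:
        return "cdecl", imm(m.group(1))
    # Callee cleanup shows up as "retn N" at the end of the callee.
    m = re.match(r"retn?\s+(\w+)", callee[-1])
    cleaned = imm(m.group(1)) if m else 0
    # Register arguments: ECX/EDX loaded before the call and read by the callee.
    loaded = [r for r in ("ecx", "edx")
              if any(re.match(rf"(mov|lea)\s+{r}\b", i) for i in before)]
    if loaded and all(reads_first(callee, r) for r in loaded):
        return "fastcall", cleaned
    if cleaned:
        return "stdcall", cleaned
    return "unknown", 0  # no stack arguments: cdecl and stdcall look the same
```

Calling classify(*SAMPLES["stdcall"]) returns the convention name and the number of argument bytes removed from the stack; a function with no stack arguments is reported as unknown because nothing distinguishes caller cleanup from callee cleanup.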


Other Calling Conventions
x64 favors register-based calling conventions
• Due to availability of more registers
• Better performance
• Use of register for return address prevents stack corruption exploits
When writing in a low-level language such as assembly, the programmer can define any method they choose for passing arguments.


Summary
• Covered 3 common types of calling conventions
• It’s important to understand because any of these could be used in a program
• There are others, some are OS and compiler specific. If more reading is desired, MSDN covers the ones supported by their Visual C/C++ compiler.