I picked the following code up from madwizard.org. You will recognise it as analagous to the C convention for passing command line arguments to an application. In this code snippet details of the arguments are passed in the esp register.
As an excercise I wanted to read the contents of the esp register before the sub instruction executes.
; -----------------------------------------------------------------------------------
; Application command line
; -----------------------------------------------------------------------------------
start:
<--------------- want to read esp register here
sub esp, 12
lea eax, [esp+0] ; &env
lea ecx, [esp+4] ; &argc : No. of arguments including program name
lea edx, [esp+8] ; &argv : Array of arguments
This is where it gets a but esoteric. I am using VS2010 as the development environment. In the debug settings for the project, Command Arguments allows the specification of the arguments that will be passed to the application when debugging. Despite entering a value in this settting, the esp register appears to be empty.
I believe the possibilities are:
1. The esp register does not contain the command line arguments ever.
2. Visual studio screwed up (again) and did not pass the arguments to the esp register.
3. The arguments were passed but I am reading them incorrectly:- mov esi, esp -> lodsb etc is how I am finding my way through them.
Please advise
Thanks
i am not much of a C guy
but, if you have a WinMain proc, one of the parameters passed is a command line argument
http://msdn.microsoft.com/en-us/library/windows/desktop/ms633559%28v=vs.85%29.aspx (http://msdn.microsoft.com/en-us/library/windows/desktop/ms633559%28v=vs.85%29.aspx)
beyond that, the C startup code parses this into i think 3 arguments
Erol wrote a little startup library that does this
http://msdn.microsoft.com/en-us/library/a1y7w461.aspx (http://msdn.microsoft.com/en-us/library/a1y7w461.aspx)
The command line arguments aren't stored in esp. Registers can be given single values only, and then it's down to context to decide how they should be interpreted.
esp is treated specially, as it's the stack-pointer - it points to an area of memory ready for use as a scratch pad to save values temporarily, called "the stack." So its value is nothing more than a pointer, which you follow to get the values stored on the stack.
At some point in your program (not necessarily the beginning), it will obtain the command line arguments, which were stored somewhere in memory by the OS. As part of the standard C start up, 'main' is given these as parameters via pointers - these pointers are stored on the stack (as function parameters generally are.) So, the code you pasted is just accessing the stack (with offsets) to get the pointers to the parsed command line arguments (argv is actually a pointer to a list of yet more pointers to the actual strings.)
Do some more debugging and try exploring (via memory dump) the stack memory and pointer values stored on it to see how things are laid out.
Just a hint:
int main(int argc, char *argv[]) {
__asm int 3;
__asm mov ecx, argc;
__asm mov eax, argv[0];
__asm mov edx, argv[1];
Using e.g. OllyDbg (http://www.ollydbg.de/version2.html), you can insert a breakpoint (int 3) at the beginning of main(), and load pointers to arguments into registers.
Hi Ian,
You can try my small C run-time startup library. It uses the stack to pass the command line arguments.
http://vortex.masmcode.com/files/Wcrt0_7.zip
FWIW a MASM app with a properly defined main procedure can be rigged to call mainCRTStartup, and have access to the command line in the procedure, but the command line will still not be available at the app entry point.
Thank you one and all. Tedd I take your point about the esp register. I have read about it's roll as the stack pointer before. I have also downloaded OllyDbg and we give that a go.