C, ASM and stack tracing cheat sheets

[tain]

I'm trying to find some handy, printable "quick reference" sheets to help me:

1. Convert C to ASM (intel format)

2. Convert ASM to C

3. Trace ASM code onto a stack diagram

I'd like this handy reference to have details such as:

What does an 'if' statement look like in ASM? On the stack?

What does loops look like in ASM? On the stack?

What happens on the stack during a call? (Pushes ESP-4, then...)

What happens on the stack during a pop?

Stuff like that. I possess the knowledge but am a bit slow at this stuff. A quick reference would help me a lot!

[CoffeeFiend]

I've never seen cheat sheets like that. They're mostly for trivial/simple things it seems.

In this case, you could start making your own by compiling simple chunks of code, and seeing how it looks.

However, it's probably not going to be that simple. The generated (compiled) code is going to vary depending on a LOT of things:

-platform (x86? Freescale? PPC? ...)

-depending if it's 32 or 64 bit code (x86/x64)

-depending on calling conventions used (cdecl/stdcall/fastcall/etc) - changes a lot of things by itself (how args are passed to a function, who clears the stack, etc)

-depending on which particular compiler is used

-depending on the type of executable (e.g. old MZ .exe's or PE) and memory model

-language used of course (you might not always just look at asm from plain C)

-in some cases, we don't always look at asm either (e.g. MS IL)

...

But most of it becomes fairly obvious after a bit (assuming you know the basics, like say, the Windows version check I've shown in this post before)

What does an 'if' statement look like in ASM?

Depends on the particular condition for starters.

One example:

if(string1==string2) {...}

You could have something like:

push address_of_string1

push address_of_string2

call lstrcmp* (could also be a CompareString call)

or eax,eax (test if eax = 0)

conditionnal_jump_goes_here (je/jz/jne/jnz...)

Or even simpler:

if(int1==0x123) {...}

mov eax, location_of_int1_in_memory

cmp eax,123

conditionnal_jump_goes_here

What does loops look like in ASM?

Depends on the loop type (for, do while, while...), condition and so on.

What happens on the stack during a call? (Pushes ESP-4, then...)

Depends on the calling convention.

What happens on the stack during a pop?

Those kind of things you just have to know, by reading the processor's instruction set reference or such (get the value from the stack into your chosen register, and increment the stack pointer)

Also, the set of tools you use could make your life a lot easier (or vice-versa). There's even some tools that will do asm -> C for you automatically. The best tools aren't cheap though (could be 1000's of $)

I'll probably take a stab at your other post later today. Edit: looks like jaclaz already got around to that with a pretty good answer.

[tain]

Coffeefiend to my rescue once again

If it helps, I can narrow down some of the variables you listed:

-Always on 32bit x86

-Compiler:gcc and cl from VS2008.

-Languages: always plain C and asm.

Calling convention: cdecl

I'll write out the conventions we are using as applied to your examples:

void main() {
if(string1==string2) {
   int x = 1; in ASM, our first var would be [ESP-4]
   int y = 2; in ASM, our next var would be [ESP-8]
   ...
   }
}

In ASM:
push ebp
mov ebp, esp
sub esp,8  ;total size of vars
mov [ESP-4],1
mov eax,[ESP-4] 
mov [ESP-8],2
cmp eax,[ESP-8]
jne _whereever_we_are_going

So I am manually building my own cheat sheet on such things but the going is slow and a nice reference would save me tons of time. Opcode cheat sheets are the closest thing I have so far

Thanks for all the help, hombre!