How does IDA calculate stack variable offsets?
IDA is able to read the machine instructions of a subroutine and display the relative offsets of each variable that gets stored on the stack.
I'm writing a program that analyzes stack memory, and I would like to be able to put the values stored in the stack memory into their respective variable types. What logic is going on under the hood that enables IDA to display the stack variable offsets?
Thanks for your time.
It infers that from the function's code by looking on where and how stack addresses are used. Like, loading into a 4-byte register and doing arithmetics probably mean that stack memory from which the load was performed belongs to a some int variable.
If you want details on IDA's algorithm, I doubt you can found it. You can look at Avast's Retargetable Decompiler open source project, that performs analysis much like IDA and study its code.
- Math.Sin() gives incorrect value
- How to run my python script when the sunOS is start booting
- Express-session: not resetting cookie expiration on each request
- Getting a stack overflow exception when normalizing a vector
- Edit default summary function in R gives error for multiple variables
- What was a For loop? Why isn't it needed in R?
- How to use download button in shiny and save results in various formats (csv, texte, pdf, spss...)?
- Why are there two assignment operators, `<-` and `->` in R?
- lm()$assign: what is it?
- How to get the value of list(...) in R and S functions
- Design matrix for MLM from library(lme4) with fixed and random effects
- how to generate elements not included in my sample
- Create a matrix with gradually changing values without a for loop
- Emacs ESS and S-plus ( S+ ) 8.1 compatability
- How to lag date-index in a time-series in R?
- Nonlinear regression in R / S
- Calling R from S-Plus?