What exactly does _malloc do in assembly?

public main
main proc near
push    ebp
mov     ebp, esp
and     esp, 0FFFFFFF0h
sub     esp, 30h
mov     dword ptr [esp], 8 ; size
call    _malloc
mov     [esp+2Ch], eax
mov     dword ptr [esp+4], 4
mov     eax, [esp+2Ch]
mov     [esp], eax
call    __start

The code above represents a portion of a large project I am working on. I am trying to reverse this code into C equivalent but I am having difficulty understanding how malloc works.

I am figuring 8 bytes would be the size of the memory being allocated; however, I am not sure about this line.

mov      eax, [esp+2ch] 

What does malloc do to eax?

Furthermore would this be equivalent C code?

int main(void)
{
int *ptr1;
ptr1 = (int *)malloc(sizeof(8));
*ptr1 = 4;
__start(*ptr1);

user3089458 asked Dec 11 '13 03:12



2 Answers

The function malloc() will allocate a block of memory that is size bytes large. If the requested memory can be allocated a pointer is returned to the beginning of the memory block.

Note: the content of the received block of memory is not initialized.

Syntax of malloc():

void *malloc ( size_t size );

Parameters:

Size of the memory block in bytes.

Return value:

If the request is successful then a pointer to the memory block is returned. If the function failed to allocate the requested block of memory, a NULL is returned. NULL may also be returned by a successful call to malloc() with a size of zero.

As stated in this CS 301 lecture by Dr. Lawlor:

Calling Malloc from Assembly Language

It's a pretty straightforward function: pass the number of BYTES you want as the only parameter, in rdi. "call malloc." You'll get back a pointer to the allocated bytes returned in rax. To clean up the space afterwards, copy the pointer over to rdi, and "call free" (I'm leaving off the free below, because you need the stack to do that properly).

Here's a complete example of assembly memory access. I call malloc to get 40 bytes of space. malloc returns the starting address of this space in rax (the 64-bit version of eax). That is, the rax register is acting like a pointer. I can then read and write from the pointed-to memory using the usual assembly bracket syntax:

mov edi, 40; malloc's first (and only) parameter: number of bytes to allocate
extern malloc
call malloc
; on return, rax points to our newly-allocated memory
mov ecx,7; set up a constant
mov [rax],ecx; write it into memory
mov edx,[rax]; read it back from memory
mov eax,edx; copy into return value register
ret

Rather than copy via the ecx register, you can specify you want a 32-bit memory write and read using "DWORD" in front of the brackets, like this:

mov edi, 40; malloc's first (and only) parameter: number of bytes to allocate
extern malloc
call malloc
; on return, rax points to our newly-allocated memory
mov DWORD [rax],7; write constant into memory
mov eax,DWORD [rax]; read it back from memory
ret

For malloc in assembly language, see this link: malloc

Sajad Karuthedath answered Sep 23 '22 13:09
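
Applying the return-in-eax convention from the answer above to the 32-bit listing in the question, here is an added C reconstruction (not code from the question or from either answer). `start_stub` is a hypothetical stand-in for `__start`, whose signature is not shown on the page; the NULL check and the `free` call are additions that do not appear in the listing.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for __start: the listing only shows that it receives
   two 32-bit stack arguments; its real signature and body are not on the page. */
static void *seen_ptr;
static int seen_len;
static void start_stub(void *p, int n) { seen_ptr = p; seen_len = n; }

/* C reconstruction of the listed instructions (32-bit cdecl: arguments are
   stored at [esp], [esp+4], ...; the return value comes back in eax). */
int reconstructed_main(void)
{
    void *ptr;               /* the local kept at [esp+2Ch] */

    /* mov dword ptr [esp], 8 ; call _malloc ; mov [esp+2Ch], eax */
    ptr = malloc(8);

    /* The listing shows no test of eax before the pointer is used; this check
       is an addition so the example fails cleanly if malloc returns NULL. */
    if (ptr == NULL)
        return -1;

    /* mov dword ptr [esp+4], 4 ; mov eax, [esp+2Ch] ; mov [esp], eax ; call __start
       The constant 4 is the second stack argument; nothing is stored
       through the pointer. */
    start_stub(ptr, 4);

    int ok = (seen_ptr == ptr && seen_len == 4);
    free(ptr);               /* cleanup added for the example; not in the listing */
    return ok ? 0 : 1;
}

/* sizeof(8) is the size of the int constant 8, not the value 8. */
size_t size_of_literal_8(void) { return sizeof(8); }

int main(void)
{
    printf("reconstructed_main() -> %d\n", reconstructed_main());
    printf("sizeof(8) = %zu, size requested by the listing = 8\n", size_of_literal_8());
    return 0;
}
```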


I'd like to emphasize something that was not mentioned in the other great answer.

How does malloc work internally? What does it do in assembly to create the needed memory?

According to this website, malloc and other memory calls use an operating system API function to allocate and free memory on the heap.

RedDragonWebDesign answered Sep 21 '22 13:09