Jump to content
  • Advertisement
Sign in to follow this  
antareus

Disassembly question

This topic is 5148 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I'm teaching myself disassembly by throwing stuff like the Reverse Engineering Compiler at stuff I have the source code for to try to recognize how common constructs are represented at the assembly level. One thing I notice is that I'll have code that references memory just beyond the last PE section when it is loaded in memory, e.g. if I have a code section that ends at 0x00476000, I'll see references to 0x0047a000 being made. This strikes me as odd as it doesn't appear to be the stack, nor does it appear to be the heap. What would be stored there? Global variables?

Share this post


Link to post
Share on other sites
Advertisement
Generate a map file (usually a linker option) which will tell you the address and length of the various sections of the executable.
I'd guess its the BSS (uninitialised globals) section which is set to all zero upon program load.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!