What is the EIP
EIP is a register, but not a general-purpose one: the value it holds is the address of the next instruction the CPU will execute. The CPU reads EIP, fetches the instruction at that address, and executes it.
How to modify the value of EIP
The following instructions can be used to modify the value of EIP:

instruction | format |
---|---|
jmp | jmp memory / register / immediate |
call | call memory / register / immediate |
ret | ret |
jmp instruction
jmp is an unconditional jump. Earlier we modified the general-purpose registers with mov, but mov cannot take EIP as an operand, so for EIP we use jmp instead: it does for EIP what mov does for the other registers, loading a new value (the jump target) into it.
Result (screenshot omitted):
call instruction
The instructions we met earlier could be stepped over with F8, but when you reach a call instruction press F7 to step into it. call performs a subroutine call. It changes not only EIP but also the stack pointer ESP: it pushes the address of the instruction following the call (the return address) onto the stack, which lowers ESP by 4, and then transfers control to the target address. (If you do not know what the stack is, see the separate article on it.) Compared with jmp, the difference is that jmp has no effect on the stack, while call does.
ret instruction
ret pops the value at the top of the stack (the dword at [ESP]) into EIP and then adds 4 to ESP. That is all it does; it has nothing to do with the function's return value. Note that ret does not check the value it pops: EIP becomes whatever is stored at [ESP], which is why overwriting a saved return address on the stack redirects execution.
Before running (screenshot omitted):
After running (screenshot omitted):
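To make the register effects of jmp, call and ret concrete, here is an added example (not code from the original article): a tiny model of a CPU that only has EIP, ESP and a small stack, executing a constructed program that uses the real 32-bit encodings of jmp rel32 (E9), call rel32 (E8), ret (C3), nop (90) and hlt (F4). The base addresses CODE_BASE and STACK_BASE, the program bytes and the helper names (step, run, eip_after, esp_after, run_with_overwritten_return) are all assumptions of this example. The last helper also shows the caveat above: ret takes whatever is at [ESP], so overwriting the saved return address changes where execution goes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the original article: a minimal model of the x86
 * effects described above. Only EIP, ESP and a small stack are modelled.
 * Opcodes are the real direct 32-bit encodings: E9 rel32 = jmp, E8 rel32 = call,
 * C3 = ret, 90 = nop, F4 = hlt. The base addresses are arbitrary choices. */
#define CODE_BASE  0x1000u
#define STACK_BASE 0x2000u
#define CODE_SIZE  64u
#define STACK_SIZE 64u

typedef struct {
    uint32_t eip;               /* address of the next instruction to execute */
    uint32_t esp;               /* stack pointer; the stack grows downward */
    uint8_t  code[CODE_SIZE];   /* mapped at CODE_BASE */
    uint8_t  stack[STACK_SIZE]; /* mapped at STACK_BASE .. STACK_BASE+STACK_SIZE */
    int      halted;
} cpu_t;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
/* push: ESP -= 4, then [ESP] = value.  pop: value = [ESP], then ESP += 4. */
static int push32(cpu_t *c, uint32_t v) {
    if (c->esp < STACK_BASE + 4) return -1;                /* stack region exhausted */
    c->esp -= 4;
    wr32(&c->stack[c->esp - STACK_BASE], v);
    return 0;
}
static int pop32(cpu_t *c, uint32_t *out) {
    if (c->esp + 4 > STACK_BASE + STACK_SIZE) return -1;   /* nothing left to pop */
    *out = rd32(&c->stack[c->esp - STACK_BASE]);
    c->esp += 4;
    return 0;
}

/* Execute one instruction at EIP. Returns 0 on success, -1 on a fault. */
int step(cpu_t *c) {
    if (c->eip < CODE_BASE || c->eip >= CODE_BASE + CODE_SIZE) return -1;
    uint32_t off = c->eip - CODE_BASE;
    switch (c->code[off]) {
    case 0x90: c->eip += 1; return 0;                      /* nop */
    case 0xF4: c->halted = 1; return 0;                    /* hlt */
    case 0xE9: {                                           /* jmp rel32 */
        if (off + 5 > CODE_SIZE) return -1;
        int32_t rel = (int32_t)rd32(&c->code[off + 1]);
        c->eip = c->eip + 5 + (uint32_t)rel;               /* EIP changes, ESP untouched */
        return 0;
    }
    case 0xE8: {                                           /* call rel32 */
        if (off + 5 > CODE_SIZE) return -1;
        int32_t rel = (int32_t)rd32(&c->code[off + 1]);
        uint32_t ret_addr = c->eip + 5;                    /* instruction after the call */
        if (push32(c, ret_addr)) return -1;                /* ESP -= 4; [ESP] = return address */
        c->eip = ret_addr + (uint32_t)rel;                 /* then jump to the target */
        return 0;
    }
    case 0xC3: {                                           /* ret */
        uint32_t target;
        if (pop32(c, &target)) return -1;                  /* EIP = [ESP]; ESP += 4 */
        c->eip = target;                                   /* no validation of the value */
        return 0;
    }
    default: return -1;                                    /* opcode not modelled */
    }
}

/* Constructed program (assumed for this example):
 *   1000: E8 03 00 00 00  call 1008   ; push 1005, EIP = 1005 + 3
 *   1005: F4              hlt
 *   1006: 90 90           nop nop     ; padding
 *   1008: E9 02 00 00 00  jmp 100F    ; EIP = 100D + 2, ESP unchanged
 *   100D: 90 90           nop nop
 *   100F: C3              ret         ; EIP = [ESP] = 1005, ESP += 4   */
static const uint8_t PROGRAM[] = {
    0xE8, 0x03, 0x00, 0x00, 0x00,  0xF4,  0x90, 0x90,
    0xE9, 0x02, 0x00, 0x00, 0x00,  0x90, 0x90,  0xC3,
};

void cpu_init(cpu_t *c) {
    memset(c, 0, sizeof *c);
    c->eip = CODE_BASE;
    c->esp = STACK_BASE + STACK_SIZE;                      /* empty stack */
    memcpy(c->code, PROGRAM, sizeof PROGRAM);
}
/* Run from a fresh state until hlt; returns instructions executed, or -1 on fault. */
int run(cpu_t *c) {
    int n = 0;
    cpu_init(c);
    while (!c->halted) { if (step(c)) return -1; n++; }
    return n;
}
/* Register value after n instructions from a fresh state (for inspecting the trace). */
uint32_t eip_after(int n) { cpu_t c; cpu_init(&c); while (n-- > 0 && step(&c) == 0) {} return c.eip; }
uint32_t esp_after(int n) { cpu_t c; cpu_init(&c); while (n-- > 0 && step(&c) == 0) {} return c.esp; }

/* Same program, but the saved return address is overwritten after the call.
 * ret pops it without checking, so execution continues at new_target.
 * Returns the EIP value after ret, or 0 on a fault. */
uint32_t run_with_overwritten_return(uint32_t new_target) {
    cpu_t c; cpu_init(&c);
    if (step(&c)) return 0;                                /* call: return address at [ESP] */
    wr32(&c.stack[c.esp - STACK_BASE], new_target);        /* overwrite it */
    if (step(&c)) return 0;                                /* jmp */
    if (step(&c)) return 0;                                /* ret pops the overwritten value */
    return c.eip;
}

int main(void) {
    cpu_t c; cpu_init(&c);
    while (!c.halted && step(&c) == 0)
        printf("eip=%08x esp=%08x\n", (unsigned)c.eip, (unsigned)c.esp);
    printf("after overwrite, ret lands at %08x\n", (unsigned)run_with_overwritten_return(0x1006));
    return 0;
}
```

Running it prints the trace the screenshots in the article would show: call lowers ESP by 4 and moves EIP to 1008, jmp moves EIP to 100F and leaves ESP alone, and ret restores EIP to 1005 while raising ESP by 4. The last line shows ret landing at 1006 instead, purely because the dword at [ESP] was changed.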