Stack of print_ints(4,1,2,3,4)
[Figure: stack layout, listed from the top of the diagram down: Caller’s data; 4; 3; 2; 1; 4; Saved EIP; Saved EBP; Locals for print_ints(). Labels: arg_list, ESP, direction of stack growth. Annotation: tell the function “print_ints” to print 4 integers.]
Incorrect Stack Operation with va_args
• Now compare this with the case when fewer arguments are passed than the function thinks it received.
• The stack diagram illustrates the last few iterations of the call print_ints(6,1,2,3,4) in format2.c.
Stack of print_ints(6,1,2,3,4)
[Figure: stack layout, listed from the top of the diagram down: Caller’s data; Caller’s data; Caller’s data; 4; 3; 2; 1; 6; Saved EIP; Saved EBP; Locals for print_ints(). Labels: arg_list, ESP, direction of stack growth. Annotation: tell the function “print_ints” to print 6 integers.]
Summary
• What Is a Format String?
The ANSI C standard defines a way for programmers to define functions with a variable number of arguments. These functions use special macros to read the supplied arguments from the stack. Only the function itself can decide that it has exhausted the supplied parameters; no independent checks are done. Formatted output functions belong to this category. They determine the number and types of the arguments passed to them from a special argument called the format string.
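The count-trusting pattern from the print_ints slides, next to a bounded form that cannot walk past its arguments. This is an added example, not code from the slides or from format2.c; the names sum_ints_variadic, sum_ints_bounded and SUM_INTS are hypothetical, and the functions sum rather than print so the result can be checked.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Variadic form, modelled on the slides' print_ints(count, ...).
 * It trusts `count`: nothing tells va_arg() how many ints the caller
 * really passed, so a count larger than the real argument list reads
 * whatever lies beyond the arguments (undefined behaviour). */
static int sum_ints_variadic(int count, ...)
{
    va_list arg_list;
    int sum = 0;

    va_start(arg_list, count);
    for (int i = 0; i < count; i++)
        sum += va_arg(arg_list, int);   /* no bounds check is possible here */
    va_end(arg_list);
    return sum;
}

/* Bounded form: the caller passes a real array and its real length. */
static int sum_ints_bounded(size_t claimed, const int *vals, size_t actual, int *sum)
{
    if (vals == NULL || sum == NULL || claimed > actual)
        return -1;                      /* refuse to read past the data */
    *sum = 0;
    for (size_t i = 0; i < claimed; i++)
        *sum += vals[i];
    return 0;
}

/* Let the compiler count the arguments instead of the programmer. */
#define SUM_INTS(sum_ptr, ...) \
    sum_ints_bounded(sizeof((int[]){__VA_ARGS__}) / sizeof(int), \
                     (int[]){__VA_ARGS__}, \
                     sizeof((int[]){__VA_ARGS__}) / sizeof(int), (sum_ptr))

int main(void)
{
    int sum = 0;
    const int vals[] = {1, 2, 3, 4};    /* constructed sample data */

    printf("variadic, count matches: %d\n", sum_ints_variadic(4, 1, 2, 3, 4));
    printf("bounded, claimed 6 of 4: rc=%d\n", sum_ints_bounded(6, vals, 4, &sum));
    if (SUM_INTS(&sum, 1, 2, 3, 4) == 0)
        printf("macro-counted sum: %d\n", sum);
    return 0;
}
```

The variadic function is only ever called here with a count that matches its arguments; the mismatched case from the slides is exercised against the bounded form, which rejects it.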
Using Format Strings