understanding the stack

Question

I have de-assembled a x86 application use ida, it generates the following code

.text:1084FF10                 push    ebp
.text:1084FF11                 mov     ebp, esp
.text:1084FF13                 and     esp, 0FFFFFFF8h
.text:1084FF16                 sub     esp, 0D4h
.text:1084FF1C                 mov     eax, ___security_cookie
.text:1084FF21                 xor     eax, esp

What does the instruction "and esp, 0FFFFFFF8h" do here?

score 12 · Accepted Answer · answered Feb 14 '14 at 03:33

12

This aligns the stack pointer to 8 byte boundary. This is done by the compiler to improve performance, as reads from non-aligned addresses results in performance degradation.

answered Feb 14 '14 at 03:33

pank4j

673
4
8

understanding the stack

1 Answers1