Hi All, I am trying to store a memory address in a register. Basically what I want is to store a memory address in a register, say R0, and start a stack on the memory address. Then I wish to push some of the registers on the stack (which is pointed to by R0). It seemed pretty straightforward in other architectures, but I am struggling in ARM. Here are some of the methods that I have tried:

    StackMem = 0x2ee150

    MOV R0,#StackMem
    LDR R0,=StackMem
    STMFD R0,{R1-R3}
None of these work. Can anyone tell me what is the correct way to do this?
It will be a great help!!!
Ok, so as this question is more than 10 years old, it won't be for you but for those who may need this in the future.
So:
If you really want to store it into r0 (or any other register for that matter), then fine, do this:
LDR R0,=StackMem
Now, here is what you missed: in ARM the stack pointer R13, SP, shows the top of the stack, so here is what we are going to do:
MOV SP, R0
This will overwrite the contents of the 'real SP', or the current stack address, causing the stack to now start at whatever address was in r0.
Then you can just push some registers to the stack by:
str r1, [SP, #-4]!
^that's the same as push {r1}
So in all:

    LDR R0, =StackMem
    MOV SP, R0
    //after this instruction the SP will be at 0x2ee150 or whatever value you specified in R0.
    //Push register r1 to the stack
    push {r1}
PS: In exploitation we use a technique called stack pivoting, which basically means that we control the SP by a gadget in our ROP chain, as for example when the bug is on the heap, so we have one gadget worth of execution.
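The complete sequence from the answer above, side by side with the variant that keeps the stack in r0 instead of SP, as an added example in GNU as unified syntax (not the original poster's or answerer's code). It assumes an ARMv7-A target where StackMem, the address taken from the question, points at writable RAM.

```armasm
    .syntax unified
    .arm
    .text
    .global _start

    .equ StackMem, 0x2ee150     @ address from the question; assumed writable RAM on the target

_start:
    @ "mov r0, #StackMem" does not assemble: 0x2ee150 is not an 8-bit rotated immediate.
    @ The ldr pseudo-instruction fetches the constant from a literal pool instead.
    ldr   r0, =StackMem

    @ Variant 1: make the new region the real stack (what the answer does).
    mov   sp, r0                @ sp = 0x2ee150; full descending stack, currently empty
    push  {r1-r3}               @ same as stmfd sp!, {r1-r3}: sp -= 12,
                                @ r1 at [sp], r2 at [sp+4], r3 at [sp+8]
    pop   {r1-r3}               @ same as ldmfd sp!, {r1-r3}: reloads them, sp back to 0x2ee150

    @ Variant 2: keep the stack in r0 and leave sp alone.
    @ The '!' asks for writeback. Without it the three words are still stored below r0,
    @ but r0 itself is not decremented, so a second stmfd would overwrite the first block.
    stmfd r0!, {r1-r3}          @ r0 -= 12; r1 at [r0], r2 at [r0+4], r3 at [r0+8]
    ldmfd r0!, {r1-r3}          @ reload and r0 += 12

    b     .                     @ spin here; replace with your own continuation

    .ltorg                      @ emit the literal pool that holds StackMem
```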