-1

Where do I start if I want to learn assembly for security reasons? I think if I want to avoid mistakes, the best thing would be to know what you're doing. What happens if I cast a signed int into an unsigned int? Once I got a strange error message saying that a variable wasn't correctly aligned. At that time I had no idea what alignment is.

user2798943

1 Answer

4

My two cents

Unless you find assembly intriguing and have a lot of time, I'd suggest you learn just these things: how signed numbers are represented, how floating point numbers are represented and what data alignment is.

I would strongly suggest you learn assembly, as it is very fascinating, but I recognize that it is a huge effort for a beginner who does it with a purpose.
Learning assembly is not learning a list of instructions; actually there is no need to remember such a list. Learning assembly means learning every aspect of how your computer works, starting from the hardware datasheet to how the OS is implemented.
This is so much material that it is hard even to make a list of it, let alone learn it!

I started learning assembly as a teen because I was fascinated by it; there was no purpose but the knowledge. I did (and do) it for fun, and this made things easy: I had no deadlines. I had plenty of time back then and I learned the pieces of the puzzle one at a time, finally getting what I hope is a complete view of the whole thing.
I spent days investigating a single, banal, little aspect that popped up while I was working on a bigger project.
This is the behavior you have to adopt; if you start leaving details out, everything will get blurry.
Always do a quick mental trace of what is happening behind the scenes and write down your doubts.
Later investigate those doubts and write a text file with your annotations and discoveries.

The points below try to give you a path to follow.

I have assumed you are not interested in the assembly language itself or in system programming (so I skipped suggesting this old but mandatory book: The Art of Assembly Language).
I have also assumed you have an IA32e architecture (i.e. an Intel or AMD processor).


1. Read documentation (Will take time)

Read the Intel Manuals.
The first time you may stop at chapter 7 of the first manual, but come back as soon as possible to finish reading.

Use NASM as the assembler.
You will need a linker: use GCC on Linux and CL on Windows (provided with Visual Studio; the Express edition is free).

Don't use the C runtime or any ready-to-use library.
Learn the Linux API.
Learn the Windows API.
Learn the Linux ABI.
Learn the Windows ABI.

Find online (incomplete, crappy) tutorials to get a practical idea of how it works.

Learn how to properly write function prologs and epilogs and how to use the stack.
Do a lot of practice. Write simple, stupid programs.

Get an idea of how system calls work on those OSes, what is done in the boot process, how symbols are resolved and libraries loaded.

Search online for C programming exercises and do them in assembly, without using the C runtime.
Do them again using the C runtime.

2. Work a lot with compilers.

Write test programs in C and see how they are implemented.
Do hypothesis-test-thesis cycles.
Always keep in mind what the C standard says, as it plays a major role in the compiler's decisions and you cannot infer it from the disassembly.

Community
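
A test program of the kind the answer recommends, added here as an example (it is not part of the original question or answer). It covers the two things the question asks about: what a signed-to-unsigned conversion does to a length check, and what alignment means for loads and struct layout. All function and struct names are hypothetical, and the byte buffer is constructed sample data.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Signed -> unsigned conversion is defined as reduction modulo 2^N
   (C11 6.3.1.3), so -1 becomes UINT_MAX. */
unsigned int to_unsigned(int v) { return (unsigned int)v; }

/* Flawed length check (hypothetical helper): a negative len passes the
   signed comparison, then turns into a huge size_t. Returns the number of
   bytes a caller would go on to copy, 0 if rejected. */
size_t len_check_flawed(int len, int cap) {
    if (len > cap) return 0;
    return (size_t)len;
}

/* Hardened form: reject negative values before converting. */
size_t len_check_safe(int len, int cap) {
    if (len < 0 || len > cap) return 0;
    return (size_t)len;
}

/* Alignment: an address is aligned for a type when it is a multiple of
   that type's alignment requirement. */
int is_aligned(const void *p, size_t align) { return (uintptr_t)p % align == 0; }

/* Dereferencing a misaligned uint32_t* is undefined behaviour; copying the
   bytes with memcpy is valid at any address. */
uint32_t load_u32(const unsigned char *p) {
    uint32_t v;
    memcpy(&v, p, sizeof v);
    return v;
}

/* The compiler inserts padding after tag so that value is aligned. */
struct padded { char tag; uint32_t value; };
size_t value_offset(void) { return offsetof(struct padded, value); }

int main(void) {
    unsigned char buf[8] = {0, 0x11, 0x22, 0x33, 0x44, 0, 0, 0}; /* constructed sample */
    printf("(unsigned)-1    = %u\n", to_unsigned(-1));
    printf("flawed(-1, 16)  = %zu\n", len_check_flawed(-1, 16));
    printf("safe(-1, 16)    = %zu\n", len_check_safe(-1, 16));
    printf("load_u32(buf+1) = 0x%08x\n", (unsigned)load_u32(buf + 1));
    printf("offset of value = %zu\n", value_offset());
    return 0;
}
```

Compiling this with optimizations on and off and comparing the disassembly of `len_check_flawed` and `len_check_safe` shows which comparison instructions the compiler picks for signed and unsigned operands.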