What is the effect of using JMP on function address?

Question

What is the effect of using JMP on function address?

I watched the program in the IDA, as I was trying to figure out how a particular function works when I came across something like this:

; C_TestClass::Foo(void) __text:00000000 __ZN14C_TestClass7FooEv proc near __text:00000000 jmp __ZN14C_TestClass20Barr ; C_TestClass::Barr(void) __text:00000000 __ZN14C_TestClass7FooEv endp __text:00000000

Can someone explain to me what exactly jumps into a function, as in this case? I assume it acts like a wrapper for another function?

+7

function assembly ida jmp

ILOVEPIE Nov 24 '12 at 22:27

source share

2 answers

This is what is called the tail. The compiler can directly call the function and allow it to return to the original caller without causing any problems. For example:

 int f(int x) { ... return g(y); }

The compiler can simply jmp g at the end, because there is room for the arguments in the same place as the arguments f , and the return value does not change before returning to f caller.

+3

Ben jackson Nov 24 '12 at 10:34

source share

Mysticial · Accepted Answer · 2012-11-24T22:33:53+0000

You are correct that jumping is often a way to effectively control shell functions that are not built-in.

Usually you will need to read all the parameters of the function and put them back on the stack before you can call the subfunction.

But when the wrapper function has the same prototype:

Same calling convention
The same parameters (and in the same order)
Same return type

There is no need for all normal function overhead calls. You can simply go straight to the goal. (These categories may not be entirely necessary, as this may be possible in some other cases.)

All parameters (either in the stack or in the register) that were configured when the wrapper function was called will already be in place (and compatible) for the sub-function.

What is the effect of using JMP on function address?

More articles: