Linux does not grow the stack below esp, so all accesses must be >= esp.

fold_elf86.asm fold_sh86.asm l_lx_sep86.asm committer: jreiser <jreiser> 1006463120 +0000
2025-09-28 19:06:07 +08:00 · 2001-11-22 21:05:20 +00:00 · 2001-11-22 21:05:20 +00:00 · 2dfb82d5b9
commit 2dfb82d5b9
parent 83bcbb8299
3 changed files with 9 additions and 0 deletions
--- a/src/stub/fold_elf86.asm
+++ b/src/stub/fold_elf86.asm
@ -131,9 +131,12 @@ EXTERN make_hatch
 %define  N_STKCLR (0x100 + MAX_ELF_HDR + OVERHEAD)/4
        lea edi, [esp - 4*N_STKCLR]
        pusha  ; values will be zeroed
+        mov esi,esp  ; save
+        mov esp,edi  ; Linux does not grow stack below esp
        mov ecx, N_STKCLR
        xor eax,eax
        rep stosd
+        mov esp,esi  ; restore

        xor ecx, ecx  ; 0
        mov ch, PAGE_SIZE>>8  ; 0x1000
--- a/src/stub/fold_sh86.asm
+++ b/src/stub/fold_sh86.asm
@ -141,9 +141,12 @@ EXTERN upx_main
 %define  N_STKCLR (0x100 + MAX_ELF_HDR + OVERHEAD)/4
        lea edi, [esp - 4*N_STKCLR]
        pusha  ; values will be zeroed
+        mov ebx,esp  ; save
+        mov esp,edi  ; Linux does not grow stack below esp
        mov ecx, N_STKCLR
        xor eax,eax
        rep stosd
+        mov esp,ebx  ; restore

 ; Because the decompressed shell script occupies low memory anyway,
 ; there isn't much payback to unmapping the compressed script and
--- a/src/stub/l_lx_sep86.asm
+++ b/src/stub/l_lx_sep86.asm
@ -234,9 +234,12 @@ EXTERN make_hatch
 %define  N_STKCLR (0x100 + MAX_ELF_HDR + OVERHEAD)/4
        lea edi, [esp - 4*N_STKCLR]
        pusha  ; values will be zeroed
+        mov ebx,esp  ; save
+        mov esp,edi  ; Linux does not grow stack below esp
        mov ecx, N_STKCLR
        xor eax,eax
        rep stosd
+        mov esp,ebx  ; restore

        mov ecx, dword -PAGE_SIZE
        mov ebx, ebp