A
all.junks
Hi,
Let's say I'm in function foo.
I am trying to find the function(or return address) which called foo.
Initially, I thought I could use stack base pointer(ebp+4) to find the
return address.
However, my compiler(vs7) would go through so many function call and
ebp+4 points to somewhere in kernel32.
I can use the address of parameter and obtain the return address.
When the function call is cdecl, the return address is at
[&firstparameter -4]
I can use this but it depends on the calling convention.
I feel there must be a more general way to get a return address. (any
api?)
Any help would be appreciated.
Let's say I'm in function foo.
I am trying to find the function(or return address) which called foo.
Initially, I thought I could use stack base pointer(ebp+4) to find the
return address.
However, my compiler(vs7) would go through so many function call and
ebp+4 points to somewhere in kernel32.
I can use the address of parameter and obtain the return address.
When the function call is cdecl, the return address is at
[&firstparameter -4]
I can use this but it depends on the calling convention.
I feel there must be a more general way to get a return address. (any
api?)
Any help would be appreciated.