API tools faq
paste
Miseryk

new vs malloc vs calloc

Miseryk
Jan 18th, 2021 (edited)
189
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 2.45 KB | None | 0 0
raw download clone embed print report
  1. new:
  2.     ucrtbase.malloc - 8B FF                         - mov edi,edi (CC 8B FF 55 8B EC 5D E9 05 00 00 00 CC CC CC CC CC 8B FF 55 8B EC 56)
  3.     ntdll.RtlAllocateHeap - 8B FF                   - mov edi,edi
  4.     ntdll.RtlAllocateHeap+50 - 8B FF                - mov edi,edi
  5.     ntdll.RtlNumberOfSetBitsUlongPtr+E9 - 8B FF     - mov edi,edi
  6.     ntdll.RtlNumberOfSetBitsUlongPtr+41 - 8B FF     - mov edi,edi
  7.    
  8.     after:
  9.         TestingStuff.exe.text+309 - 83 C4 04              - add esp,04 { 4 }
  10.         TestingStuff.exe.text+30C - 89 45 F0              - mov [ebp-10],eax
  11.         TestingStuff.exe.text+30F - C7 45 FC 00000000     - mov [ebp-04],00000000 { 0 }
  12.         TestingStuff.exe.text+316 - 0F57 C0               - xorps xmm0,xmm0
  13.         TestingStuff.exe.text+319 - 66 0FD6 00            - movq [eax],xmm0
  14.         TestingStuff.exe.text+31D - BA C0317700           - mov edx,TestingStuff.exe.rdata+1C0 { ("Constructor was Called!") }
  15.         TestingStuff.exe.text+322 - 8B 0D 64307700        - mov ecx,[TestingStuff.exe.rdata+64] { (73F37A00) }
  16.         TestingStuff.exe.text+328 - 68 80197700           - push TestingStuff.exe.text+980 { (1458342741) }
  17.         TestingStuff.exe.text+32D - E8 0E040000           - call TestingStuff.exe.text+740
  18.         TestingStuff.exe.text+332 - 8B C8                 - mov ecx,eax
  19.         TestingStuff.exe.text+334 - FF 15 40307700        - call dword ptr [TestingStuff.exe.rdata+40] { ->MSVCP140.dll.text+346F0 }
  20.         TestingStuff.exe.text+33A - C7 45 FC FFFFFFFF     - mov [ebp-04],FFFFFFFF { -1 }
  21.    
  22. malloc:
  23.     ucrtbase.malloc - 8B FF                         - mov edi,edi (CC 8B FF 55 8B EC 5D E9 05 00 00 00 CC CC CC CC CC 8B FF 55 8B EC 56)
  24.     ntdll.RtlAllocateHeap - 8B FF                   - mov edi,edi
  25.     ntdll.RtlAllocateHeap+50 - 8B FF                - mov edi,edi
  26.     ntdll.RtlNumberOfSetBitsUlongPtr+E9 - 8B FF     - mov edi,edi
  27.     ntdll.RtlNumberOfSetBitsUlongPtr+41 - 8B FF     - mov edi,edi
  28.  
  29. calloc:
  30.     ucrtbase.calloc - 8B FF                         - mov edi,edi (CC 8B FF 55 8B EC 5D E9 05 00 00 00 CC CC CC CC CC 8B FF 55 8B EC 8B)
  31.     ntdll.RtlAllocateHeap - 8B FF                   - mov edi,edi
  32.     ntdll.RtlAllocateHeap+50 - 8B FF                - mov edi,edi
  33.     ntdll.RtlNumberOfSetBitsUlongPtr+E9 - 8B FF     - mov edi,edi
  34.     ntdll.RtlNumberOfSetBitsUlongPtr+41 - 8B FF     - mov edi,edi
  35.     ntdll.memset - 8B 54 24 0C                      - mov edx,[esp+0C]
  36.    
  37. conclusion:
  38. ----------
  39. They call the same functions (RtlAllocateHeap), malloc does not clean the memory with memset, calloc does, ClearAlloc, and the new, if it is a class, calls the constructor, is this shit rlly important to be tagged as wise person?, lol, this is prehistoric, nobody uses this shit nowadays.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!