why ebp is empty while gcc compiled with -ggdb arg(without optimization)

Word count: 64 | Reading time≈ 1 min

The answer basically is "why IT'S called calling-convention rather than requirement"

for _cdecl ,it suggest fn set-up its env and tear-up by itself

so a fn is actually can run without save ebp,since it's a special fn

while there is still a safty reason that to prevant from shellcode 'leave' get control of stack frame of _libc_start_main fn

Copyright： Copyright is owned by the author. For commercial reprints, please contact the author for authorization. For non-commercial reprints, please indicate the source.