Function calling convention which is the most common because it supports semantics required by the C language. The C language supports variadic functions (variable argument lists, such as printf), and this means that the caller must clean up the stack after the function call: the called function has no way to know how to do this. It's not terribly optimal, but the C language semantics demand it.


This function calling convention requires that each function take a fixed number of parameters, and this means that the called function can do argument cleanup in one place rather than have this be scattered throughout the program in every place that calls it. The Win32 API primarily uses __stdcall.


Shim

An engineering term used to describe a piece of wood or metal that is inserted between two objects to make them fit together better. In computer programming, a shim is a small library which transparently intercepts an API, changes the parameters passed, handles the operation itself, or redirects the operation elsewhere. Shims can also be used for running programs on different software platforms than they were developed for.
The Shim Infrastructure implements a form of Application Programming Interface (API) hooking. The Windows API is implemented using a collection of DLLs. Each application built for Windows imports these DLLs, and maintains a table of the address of each of these functions in memory. Because the address of the Windows functionality is sitting in a table, it is straightforward for the shim engine to replace this address with the address of the shim DLL instead. The application is generally unaware that the request is going to a shim DLL instead of to Windows itself, and Windows is unaware that the request is coming from a source other than the application (because the shim DLL is just another DLL inside the application’s process).
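
The table replacement described above can be modelled in portable C. This is an added example, not code from the Shim Infrastructure: the names `GetOsMajor`, `shim_install` and `iat_redirected_count` are hypothetical, and the import table is a constructed array rather than a real PE import address table. It also shows the check a defender can run, comparing each table slot against the address the DLL actually exports.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef int (*api_fn)(void);

/* Constructed stand-in for a Windows API export (hypothetical name). */
static int real_GetOsMajor(void) { return 10; }
/* Shim: handles the operation itself and reports an older version. */
static int shim_GetOsMajor(void) { return 5; }

struct import_entry { const char *name; api_fn addr; };

/* Addresses the DLL really exports (what the loader resolves against). */
static const struct import_entry exports[] = { { "GetOsMajor", real_GetOsMajor } };
/* The application's import table, as filled in at load time. */
static struct import_entry iat[] = { { "GetOsMajor", real_GetOsMajor } };
#define IAT_LEN (sizeof iat / sizeof iat[0])
#define EXP_LEN (sizeof exports / sizeof exports[0])

/* Application code: it only ever calls through its table slot. */
int app_is_supported_os(void) { return iat[0].addr() <= 5; }

/* Shim engine: swap one slot; returns the previous address, or NULL. */
api_fn shim_install(const char *name, api_fn replacement) {
    for (size_t i = 0; i < IAT_LEN; i++) {
        if (strcmp(iat[i].name, name) == 0) {
            api_fn old = iat[i].addr;
            iat[i].addr = replacement;
            return old;
        }
    }
    return NULL; /* the application does not import this function */
}

/* Integrity check: count slots that no longer match the export table. */
size_t iat_redirected_count(void) {
    size_t n = 0;
    for (size_t i = 0; i < IAT_LEN; i++)
        for (size_t j = 0; j < EXP_LEN; j++)
            if (strcmp(iat[i].name, exports[j].name) == 0 &&
                iat[i].addr != exports[j].addr)
                n++;
    return n;
}

int main(void) {
    printf("before: supported=%d redirected=%zu\n", app_is_supported_os(), iat_redirected_count());
    shim_install("GetOsMajor", shim_GetOsMajor);
    printf("after:  supported=%d redirected=%zu\n", app_is_supported_os(), iat_redirected_count());
    return 0;
}
```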

Stack (OS) 

A stack, as related to executing code in Windows, is simply a block of memory assigned by the operating system to a running thread. The purpose of the stack, among other things, is to track the function call chain (allocation of local variables, parameter passing, and so on). Any time a function call is made, another frame is created and pushed on the stack. As the thread makes more and more function calls, the stack grows bigger and bigger.

Function Outline

  • Function prologue
  • Function code
  • Function epilogue
