Updated on 03 Oct, 202511 mins read 854 views

The STOS instruction family in x86 assembly is used for storing data from a register into memory. These instructions are part of the string operation instructions and come in different forms based on the size of the data being stored: STOSB for bytes, STOSW for words, STOSD for double words, and STOSQ for quad words (in x86-64).

Syntax and Forms

1 STOSB:

Store Byte

stosb
  • Stores the byte in AL to the memory location addressed by EDI (or RDI in 64-bit mode) and increments or decrements EDI by 1.

2 STOSW:

Store Word

stosw
  • Stores the word in AX to the memory location addressed by EDI and increments or decrements EDI by 2.

3 STOSD:

Store Double Word

stosd
  • Stores the double word in EAX to the memory location addressed by EDI and increments or decrements EDI by 4.

4 STOSQ:

Store Quad Word (x86_64)

stosq
  • Stores the quad word in RAX to the memory location addressed by RDI and increments or decrements RDI by 8.

The increment or decrement of the EDI/RDI register depends on the state of the direction flag (DF):

  • If the direction flag is clear (DF = 0), the register is incremented.
  • If the direction flag is set (DF = 1), the register is decremented.

Example

Here is an example showing how to use STOSD to fill a block of memory with a specific value:

section .data
buffer times 16 dd 0  ; Define a buffer of 16 double words (64 bytes)

section .text
global _start

_start:
    ; Fill buffer with the value 0xDEADBEEF

    mov     edi, buffer       ; Point EDI to the start of the buffer
    mov     ecx, 16           ; Number of double words to fill
    mov     eax, 0xDEADBEEF   ; Value to store

    cld                       ; Clear the direction flag (increment EDI)
    rep stosd                ; Repeat STOSD ECX times

    ; Exit program (Linux syscall)
    mov     eax, 1            ; Syscall number for exit
    xor     ebx, ebx          ; Exit code 0
    int     0x80              ; Call kernel

Explanation:

1 Initialize Registers:

  • EDI is set to the starting address of the buffer.
  • ECX is set to the number of times the store should be repeated.
  • EAX is set to the value to be stored (0xDEADBEEF).

2 Clear Direction Flag:

  • The cld instruction clears the direction flag, ensuring EDI will be incremented after each store.

3 Store Value:

  • The rep stosd instruction repeats the STOSD instruction ECX times, storing the value in EAX at the address in EDI and then incrementing EDI by 4 each time.

Detailed Operation

When STOSD is executed:

  1. The 32-bit value in EAX is stored at the address pointed to by EDI.
  2. The EDI register is updated:
    • If DF is clear, EDI is incremented by 4.
    • If DF is set, EDI is decremented by 4.

Considerations

  • Preserving Registers: If other parts of your program rely on the values of EDI, EAX, or ECX, make sure to save and restore these registers as needed.
  • Direction Flag: The state of the direction flag affects whether the index register is incremented or decremented. Use cld to clear the flag (increment) or std to set the flag (decrement) as needed.
  • Performance: Using rep stosd or other repeat prefixes can be more efficient for initializing large blocks of memory compared to a loop with individual store instructions.
Buy Me A Coffee

Leave a comment

Your email address will not be published. Required fields are marked *