General questions about codes generated by compilers
I am a graduate student in computer science at the Federal University of Amazonas (UFAM), Brazil, and I am studying mechanisms of protection against exploits. I'm not sure if I'm posting this question in the right forum, but I wonder if anyone can help me. If I should put it somewhere else, please let me know. Also, if the answers are too long, I'd appreciate any references to texts that explain the topics below.
I have some general questions about codes generated by compilers:
- Is there some kind of code optimization or specific case where the compiler generates indirect JMP instructions that point to the MIDDLE of ANOTHER function code (instead of the entry point)?
- What are the situations in which the compiler generates code for functions with multiple entry points?
- What are the situations in which an indirect JMP is necessary? 1) when the distance from the PC to the branch destination address is greater than the maximum possible immediate value; 2) setting dynamically linked libraries addresses (eg PLT / GOT); 3) any other common situation?
- What are the situations where a return instruction (RET) do not divert the flow back to a statement immediately after a CALL? 1) the signal handler implemented on UNIX-based systems; 2) the lazy binding implemented on UNIX-based systems; 3) any other common situation?