Is it valid to write below ESP?

Question

For a 32-bit windows application is it valid to use stack memory below ESP for temporary swap space without explicitly decrementing ESP?

Consider a function that ret

Answer 1

In general (not specifically related to any OS); it's not safe to write below ESP if:

• It's possible for the code to be interrupted and the interrupt handler will run at the same privilege level. Note: This is typically very unlikely for "user-space" code, but extremely likely for kernel code.

• You call any other code (where either the call or the stack used by the called routine can trash the data you stored below ESP)

• Something else depends on "normal" stack use. This can include signal handling, (language based) exception unwinding, debuggers, "stack smashing protector"

It's safe to write below ESP if it's not "not safe".

Note that for 64-bit code, writing below RSP is built into the x86-64 ABI ("red zone"); and is made safe by support for it in tool chains/compilers and everything else.