Substitutes for x86 assembly 'call' instruction?

Question

What are some alternatives to the x86 call instruction? Maybe something like a push of the return address then a jump?

Also is their a command for obtaining the curr

Answer 1

The call instruction actually does this for you. For example call my_func would do something like:

push ret_address
jmp my_func

A subsequent ret call would just use the address you just pushed to jmp back in a sense. Is there a specific reason that you don't want to use call or is it not available for you? For current position in memory you can try to read the eip register (can't write to it).

Answer 2

You can just push a dword value and jmp to the procedure. The push would be the return address :

push return_address (push eax if address in eax)
jmp call_address

Remember to also push arguments if they exist for that particular call.

What do you mean by current position in memory ? I suppose that you mean the current instruction pointer. You cannot get that directly, but you can use a seh handler(structured exception handler) to get that value upon causing a handled exception.

Answer 3

If I don't get something mixed up I would say it depends. As you can see here there are near and far calls, but let's just consider the near call. There are again two possibilities

E8 <offset> # relative
FF <address> # absolute

whereas FF means an absolute "jump" and E8 indeed means relative to current eip.

So if you have e.g.

E8 32 45 ab 6f

which means

call 0x3245ab6f

This would translate to

push %eip
add $0x3245ab6f, %eip

and not

push %eip
jmp $0x3245ab6f