Hey guys,
I am thinking about writing a disassembler to play more with assembly.
What I was wondering with IDA for example:
.text:00CD28B0 55 push ebp
.text:00CD28B1 8B EC mov ebp, esp
If I use CreateFileMapping to map a file into memory. Is it possible to find a reference to the function start?.
The above portion is called from:
.text:0062CA6B E8 40 5E 6A 00 call sub_CD28B0
But what if I only have the function start, how would I go on on finding the caller, without breakpointing the code offcourse.
It's something that has me busy for a while now and I am wondering how it works.