understanding assembly language lea instruction

Question

I don't understand why line 8 is performed, can anyone explain it please? On line 10 strcpy is called, but 0x80482c4 doesn't contain any reference to 'hello world' (checked with gdb). My thinking is that esp is pointing to the starting memory address of 'hello world' and esp is being executed when strcpy is called? My guess at line 9 is that it is setting up enough space for the 'hello world' char array but in the code it was initialized to 20.

1.  push     ebp
2.  mov      ebp,esp
3.  sub      esp,0x38 // why does this happen?
4.  and      esp, 0xfffffff0
5.  mov      eax,0x0
6.  sub      esp,eax
7.  mov      DWORD PTR [esp+4],0x80484c4 //contains 'h'
8.  lea      eax,[ebp-40] // what is going on here? why ebp-40 bytes?
9.  mov      DWORD PTR [esp], eax 
10. call     0x80482c4 <strcppy@plt>
11. lea      eax,[ebp-40]
12. mov      DWORD PTR [esp],eax
13. call     0x80482d4 <printf@plt>
14. leave
15. ret

C equivalent: #include #include

int main() {
char str_a[20];

strcpy(str_a, "Hello, world!\n");
printf(str_a);
}

Answer 1

0x80482c4 doesn't contain any reference to 'hello world' (checked with gdb)

You must have checked wrong. You probably just printed the first letter, which is h (or H ). It's 99% sure that's your hello world string.

Line 3 is setting up the space for your local variables, and the compiler has chosen to place your str_a at ebp-40 . The lea is just loading that address.

It's generally hard to tell why the compiler chooses a specific stack layout, as long as there is space for everything, it doesn't really matter.