It seem that this is a bug ?
Dim myLong As Long
myLong = &HAABBCCDD
''
Function myFunc (Arg1 As Long) As Long
Dim myArray (0 To 3) As Long => {1, 2, 3, 4}
Dim myData As Long
myData = 33
Function = myData
End Function
''
Print Hex$(myFunc (myLong))
Print " *** FINISHED OK *** "
Translates in ASM (for the function part)
.globl _MYFUNC@4
_MYFUNC@4:
push ebp
mov ebp, esp
sub esp,52 ; (1) ??????????????
push ebx
push esi
push edi
lea edi, [ebp-52]
mov ecx,13
xor eax, eax
rep stosd
_t0004:
push 3
push 0
push 1
push 4
lea eax, [ebp-20]
push eax
lea eax, [ebp-48]
push eax
call _fb_ArraySetDesc
add esp, 24 ; (2) ?????????????
mov dword ptr [ebp-20], 1
mov dword ptr [ebp-16], 2
mov dword ptr [ebp-12], 3
mov dword ptr [ebp-8], 4
mov dword ptr [ebp-52], 33 ; (3) ?????????????
mov eax, dword ptr [ebp-52] ; (4) ?????????????
mov dword ptr [ebp-4], eax
_t0003:
mov eax, dword ptr [ebp-4]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
ret 4
First 52 bytes of local datas are reserved on the stack (sub esp, 52)(1)
...
Then 24 bytes of these 52 bytes are "Freed "
(add esp, 24)(2)
...
Then the "freed space" is read/Write ! (3) & (4)
mov dword ptr [ebp-52], 33
mov eax, dword ptr [ebp-52]
That [ebp+52] is a space below esp, thus in free stack space and may be overwriten by any push, call ...
erdemal
