The Stack And The Heap & The Difference Between Them

Mutawkkel Abdulrhman
5 min read · Jan 28, 2021


1- The STACK

We can define the stack as a linear data structure. When a program or executable runs, it is loaded into memory. As we know, every program has data to process and has functions, and we can divide its data into two main categories:

1- GLOBAL data or variables

2- LOCAL data or variables

The main difference between local and global variables lies in where they are declared.

Local variables are declared inside functions, and when a function terminates, the local variables inside it disappear. Global variables are the opposite: they are not declared inside a specific function, they can be accessed from any function, and they disappear only when the program stops executing.

Now that we know the two main types of variables, the question arises: where is each one of them located?

A global variable lives inside the .data section,

but local variables are stored on the stack.

So the stack holds local variables that are only accessible by their own functions.

The stack is a LIFO (last in, first out) data structure, which means the first value pushed onto the stack is the last value popped from it.

image src = https://blog.robertelder.org/images/fifo-lifo-harmful-stacks-queues_stack-in-stack-out-multiple_1000x600_q85.jpeg

Communication between the program and the stack is established through the PUSH and POP instructions (push and pop are assembly-language instructions):

1- The push instruction pushes a value onto the top of the stack.

2- The pop instruction pops the value stored on top of the stack and stores it in the location passed to the instruction.

push & pop illustration

image src = https://qawithexperts.com/article/c-cpp/stack-program-in-c-concept-algorithm-c-program-example/145

Now we know the stack's layout and the way programs communicate with it. So why is the stack even important?

A program is a set of functions, and every function has its own instructions and its own variables. So for any function to work properly, it needs to store its variables on the stack, where it can access them at any time and operate on them.

So when we execute a call to a certain function, the first thing that happens is that the address of the next instruction is pushed onto the stack. Why? Because when the function finishes executing, the program pops that address from the stack and continues execution from there.

call instruction

So what else is pushed on the stack besides the address of the next instruction?

As mentioned before, the variables inside the function are pushed on the stack. The EBP (BASE POINTER) register is also pushed on the stack, and it points to the beginning of what is called the STACK FRAME. A stack frame is just a space in memory reserved for the function to store its local variables: the EBP register points to the base of the stack frame, and ESP (STACK POINTER) points to the top of the stack frame (ESP always points to the top of the stack).

stack frame layout

image src = http://etutorials.org/Networking/network+security+assessment/Chapter+13.+Application-Level+Risks/13.4+Classic+Buffer-Overflow+Vulnerabilities/

The stack frame is set up at the beginning of each function (this operation is called the function prologue), and after the function finishes executing, the stack frame is cleaned up and the variables are popped at the end of the function (this operation is called the function epilogue).

I recommend further reading about those two operations.

2- The Heap

The heap is a hierarchical data structure. Unlike the stack, it is not automatically managed by the CPU; it is managed by the programmer. To allocate memory on the heap you must use certain functions such as malloc() and calloc() in C, and the free() function is used to free space that has been allocated on the heap.

To allocate memory, the malloc functions use the mmap and brk system calls to ask the kernel for memory.

For info about these system calls (for Linux users):

man 2 mmap

man 2 brk

mmap and brk

So what are system calls and what are they used for? System calls are simply the way to ask the kernel to do something for you; since there is no direct communication with the kernel, we use system calls.

When memory is allocated on the heap and values are stored in that chunk of memory, there is something called the chunk header, which is present in every chunk and is a 2-byte space.

In the malloc algorithm, the size of the chunk is stored in the 4 bytes before the chunk, and the lowest bit of that size indicates that the previous chunk is in use.

the heap layout

image src = https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
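To see the stack-frame discussion above (return address pushed by CALL, caller's EBP saved by the prologue, locals inside the frame) and the separate heap region in action, here is an added example that is not part of the original post. It uses the GCC/Clang builtins __builtin_frame_address and __builtin_return_address and assumes a Linux x86-64 style layout (frame pointer at [fp], return address at [fp+8], heap below the stack); the noinline attribute and the struct names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Snapshot of the addresses the article talks about (constructed for this example). */
typedef struct {
    uintptr_t caller_frame;   /* EBP/RBP of the caller, read with the builtin        */
    uintptr_t callee_frame;   /* EBP/RBP of the callee after its prologue            */
    uintptr_t saved_frame;    /* [callee_frame + 0]: caller's EBP pushed by prologue */
    uintptr_t saved_return;   /* [callee_frame + 8]: next instruction pushed by CALL */
    uintptr_t return_builtin; /* the same return address via __builtin_return_address */
    uintptr_t local_buf;      /* address of a local array inside the callee's frame  */
    uintptr_t heap_chunk;     /* address handed back by malloc()                     */
} frame_info;

/* The callee records its own frame; noinline keeps it a real CALL with a prologue. */
static __attribute__((noinline)) void callee(frame_info *info) {
    char buf[32];
    uintptr_t *fp = __builtin_frame_address(0);  /* EBP/RBP after "push ebp; mov ebp, esp" */
    memset(buf, 'A', sizeof buf);                 /* keep the local alive on the stack */
    info->callee_frame   = (uintptr_t)fp;
    info->saved_frame    = fp[0];                 /* the caller's EBP saved by the prologue */
    info->saved_return   = fp[1];                 /* the return address pushed by CALL */
    info->return_builtin = (uintptr_t)__builtin_return_address(0);
    info->local_buf      = (uintptr_t)buf;
}

/* The caller records its frame, grabs a heap chunk, then calls the callee. */
frame_info collect(void) {
    frame_info info = {0};
    void *chunk = malloc(64);
    info.caller_frame = (uintptr_t)__builtin_frame_address(0);
    info.heap_chunk   = (uintptr_t)chunk;
    callee(&info);
    free(chunk);                                  /* heap memory is released by hand */
    return info;
}

/* Checks a reader can run: the stack grows toward lower addresses, the prologue saved
   the caller's EBP, CALL pushed the return address, and the heap lives elsewhere. */
int stack_grows_down(const frame_info *i)          { return i->callee_frame < i->caller_frame; }
int prologue_saved_caller_ebp(const frame_info *i) { return i->saved_frame == i->caller_frame; }
int call_pushed_return_addr(const frame_info *i)   { return i->saved_return == i->return_builtin; }
int local_in_callee_frame(const frame_info *i)     { return i->local_buf < i->caller_frame; }
int heap_is_separate(const frame_info *i)          { return i->heap_chunk < i->callee_frame; }

int main(void) {
    frame_info fi = collect();
    printf("caller frame %#lx, callee frame %#lx, local %#lx, heap chunk %#lx\n",
           (unsigned long)fi.caller_frame, (unsigned long)fi.callee_frame,
           (unsigned long)fi.local_buf, (unsigned long)fi.heap_chunk);
    return 0;
}
```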
