Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!cornell!batcomputer!itsgw!steinmetz!uunet!garfield!john13
From: john13@garfield.MUN.EDU (John Russell)
Newsgroups: comp.sys.cbm
Subject: Overwriting the stack
Message-ID: <5043@garfield.MUN.EDU>
Date: 20 Dec 88 00:42:06 GMT
Reply-To: john13@garfield.UUCP (John Russell)
Organization: Memorial University of Newfoundland
Lines: 21

This is something that has always bothered me. A standard trick I used to use
many years ago on the C64 was the following (in PAL notation, and probably
not terribly accurate):

10 *= $0100	; beginning of stack
20 .byte 02	; fill stack with $0202 addresses
30 .if *-$0203: .goto 20	; loop until PC reaches $0203
40 [ boot code ]	; located at $0203, executed when LOAD does an RTS

By using this I was able to create all sorts of programs that would auto-run
on being loaded ,8,1. But what puzzles me is how the program loading routine
manages to read in bytes that completely corrupt the stack, and still manage
to only return (ie execute an RTS) when the program load is finished.

This would seem to indicate to me that the main disk-load routine never
does any subroutine calls (eg GETIN). Is that the way it works?

John
-- 
"Version 2.0 is advertised as supporting cursor keys."
	    -- somewhat left-handed endorsement of a Mac word-processor :-)