两道题目看MASM汇编
引子:最近想写一些文章,但是每每到中间就放弃了,我觉得写技术文章不难,能把自己脑子想的用文字描述出来并让人看明白很难,两个字:”缺练“。
回归正题,给大家整两个小题目,供大家把玩。
1.汇编翻译为C语言
这是段函数汇编源码,请把它翻译为C代码。
1 00411A20 push ebp
2 00411A21 mov ebp,esp
3 00411A23 sub esp,0E8h
4 00411A29 push ebx
5 00411A2A push esi
6 00411A2B push edi
7 00411A2C lea edi,[ebp-0E8h]
8 00411A32 mov ecx,3Ah
9 00411A37 mov eax,0CCCCCCCCh
10 00411A3C rep stos dword ptr [edi]
11 00411A3E mov eax,dword ptr [a]
12 00411A41 add eax,dword ptr [b]
13 00411A44 mov dword ptr [d],eax
14 00411A47 mov dword ptr [i],1
15 00411A4E mov dword ptr [c],0
16 00411A55 cmp dword ptr [c],64h
17 00411A59 jge myfunction+46h (411A66h)
18 00411A5B mov eax,dword ptr [c]
19 00411A5E add eax,dword ptr [i]
20 00411A61 mov dword ptr [c],eax
21 00411A64 jmp myfunction+35h (411A55h)
22 00411A66 mov eax,dword ptr [c]
23 00411A69 mov dword ptr [ebp-0E8h],eax
24 00411A6F cmp dword ptr [ebp-0E8h],0
25 00411A76 je myfunction+63h (411A83h)
26 00411A78 cmp dword ptr [ebp-0E8h],1
27 00411A7F je myfunction+6Ah (411A8Ah)
28 00411A81 jmp myfunction+72h (411A92h)
29 00411A83 mov dword ptr [d],1
30 00411A8A mov eax,dword ptr [c]
31 00411A8D mov dword ptr [d],eax
32 00411A90 jmp myfunction+79h (411A99h)
33 00411A92 mov dword ptr [d],0
34 00411A99 mov eax,dword ptr [d]
35 00411A9C pop edi
36 00411A9D pop esi
37 00411A9E pop ebx
38 00411A9F mov esp,ebp
39 00411AA1 pop ebp
40 00411AA2 ret
41
2 00411A21 mov ebp,esp
3 00411A23 sub esp,0E8h
4 00411A29 push ebx
5 00411A2A push esi
6 00411A2B push edi
7 00411A2C lea edi,[ebp-0E8h]
8 00411A32 mov ecx,3Ah
9 00411A37 mov eax,0CCCCCCCCh
10 00411A3C rep stos dword ptr [edi]
11 00411A3E mov eax,dword ptr [a]
12 00411A41 add eax,dword ptr [b]
13 00411A44 mov dword ptr [d],eax
14 00411A47 mov dword ptr [i],1
15 00411A4E mov dword ptr [c],0
16 00411A55 cmp dword ptr [c],64h
17 00411A59 jge myfunction+46h (411A66h)
18 00411A5B mov eax,dword ptr [c]
19 00411A5E add eax,dword ptr [i]
20 00411A61 mov dword ptr [c],eax
21 00411A64 jmp myfunction+35h (411A55h)
22 00411A66 mov eax,dword ptr [c]
23 00411A69 mov dword ptr [ebp-0E8h],eax
24 00411A6F cmp dword ptr [ebp-0E8h],0
25 00411A76 je myfunction+63h (411A83h)
26 00411A78 cmp dword ptr [ebp-0E8h],1
27 00411A7F je myfunction+6Ah (411A8Ah)
28 00411A81 jmp myfunction+72h (411A92h)
29 00411A83 mov dword ptr [d],1
30 00411A8A mov eax,dword ptr [c]
31 00411A8D mov dword ptr [d],eax
32 00411A90 jmp myfunction+79h (411A99h)
33 00411A92 mov dword ptr [d],0
34 00411A99 mov eax,dword ptr [d]
35 00411A9C pop edi
36 00411A9D pop esi
37 00411A9E pop ebx
38 00411A9F mov esp,ebp
39 00411AA1 pop ebp
40 00411AA2 ret
41
我翻译成C语言是:
int myfunction(int a,int b)
{
int d=a+b;
int i=1;
int c=0;
while(c<100) {c=c+i;}
switch(c)
{
case 0:d=1;
case 1:d=c;break;
default: d=0;
}
return d;
}
{
int d=a+b;
int i=1;
int c=0;
while(c<100) {c=c+i;}
switch(c)
{
case 0:d=1;
case 1:d=c;break;
default: d=0;
}
return d;
}
再用VS2008反编上边的C代码:
1 int myfunction(int a,int b)
2 {
3 00251BD0 push ebp
4 00251BD1 mov ebp,esp
5 00251BD3 sub esp,0E8h
6 00251BD9 push ebx
7 00251BDA push esi
8 00251BDB push edi
9 00251BDC lea edi,[ebp-0E8h]
10 00251BE2 mov ecx,3Ah
11 00251BE7 mov eax,0CCCCCCCCh
12 00251BEC rep stos dword ptr es:[edi]
13 int d=a+b;
14 00251BEE mov eax,dword ptr [a]
15 00251BF1 add eax,dword ptr [b]
16 00251BF4 mov dword ptr [d],eax
17 int i=1;
18 00251BF7 mov dword ptr [i],1
19 int c=0;
20 00251BFE mov dword ptr [c],0
21 while(c<100) {c=c+i;}
22 00251C05 cmp dword ptr [c],64h
23 00251C09 jge myfunction+46h (251C16h)
24 00251C0B mov eax,dword ptr [c]
25 00251C0E add eax,dword ptr [i]
26 00251C11 mov dword ptr [c],eax
27 00251C14 jmp myfunction+35h (251C05h)
28 switch(c)
29 00251C16 mov eax,dword ptr [c]
30 00251C19 mov dword ptr [ebp-0E8h],eax
31 00251C1F cmp dword ptr [ebp-0E8h],0
32 00251C26 je myfunction+63h (251C33h)
33 00251C28 cmp dword ptr [ebp-0E8h],1
34 00251C2F je myfunction+6Ah (251C3Ah)
35 00251C31 jmp myfunction+72h (251C42h)
36 {
37 case 0:d=1;
38 00251C33 mov dword ptr [d],1
39 case 1:d=c;break;
40 00251C3A mov eax,dword ptr [c]
41 00251C3D mov dword ptr [d],eax
42 00251C40 jmp myfunction+79h (251C49h)
43 default: d=0;
44 00251C42 mov dword ptr [d],0
45 }
46
47 return d;
48 00251C49 mov eax,dword ptr [d]
49 }
50 00251C4C pop edi
51 00251C4D pop esi
52 00251C4E pop ebx
53 00251C4F mov esp,ebp
54 00251C51 pop ebp
55 00251C52 ret
56
2 {
3 00251BD0 push ebp
4 00251BD1 mov ebp,esp
5 00251BD3 sub esp,0E8h
6 00251BD9 push ebx
7 00251BDA push esi
8 00251BDB push edi
9 00251BDC lea edi,[ebp-0E8h]
10 00251BE2 mov ecx,3Ah
11 00251BE7 mov eax,0CCCCCCCCh
12 00251BEC rep stos dword ptr es:[edi]
13 int d=a+b;
14 00251BEE mov eax,dword ptr [a]
15 00251BF1 add eax,dword ptr [b]
16 00251BF4 mov dword ptr [d],eax
17 int i=1;
18 00251BF7 mov dword ptr [i],1
19 int c=0;
20 00251BFE mov dword ptr [c],0
21 while(c<100) {c=c+i;}
22 00251C05 cmp dword ptr [c],64h
23 00251C09 jge myfunction+46h (251C16h)
24 00251C0B mov eax,dword ptr [c]
25 00251C0E add eax,dword ptr [i]
26 00251C11 mov dword ptr [c],eax
27 00251C14 jmp myfunction+35h (251C05h)
28 switch(c)
29 00251C16 mov eax,dword ptr [c]
30 00251C19 mov dword ptr [ebp-0E8h],eax
31 00251C1F cmp dword ptr [ebp-0E8h],0
32 00251C26 je myfunction+63h (251C33h)
33 00251C28 cmp dword ptr [ebp-0E8h],1
34 00251C2F je myfunction+6Ah (251C3Ah)
35 00251C31 jmp myfunction+72h (251C42h)
36 {
37 case 0:d=1;
38 00251C33 mov dword ptr [d],1
39 case 1:d=c;break;
40 00251C3A mov eax,dword ptr [c]
41 00251C3D mov dword ptr [d],eax
42 00251C40 jmp myfunction+79h (251C49h)
43 default: d=0;
44 00251C42 mov dword ptr [d],0
45 }
46
47 return d;
48 00251C49 mov eax,dword ptr [d]
49 }
50 00251C4C pop edi
51 00251C4D pop esi
52 00251C4E pop ebx
53 00251C4F mov esp,ebp
54 00251C51 pop ebp
55 00251C52 ret
56
您猜对了吗?
2.高阶C
#include "stdio.h"
int main()
{
int a[5]={7,8,9,10,11};
int *ptr1=(int *)(&a+1);
int *ptr2=(int *)((int )a+1);
printf("%x,%x",ptr1[-1],*ptr2);
return 0;
}
将会打印什么?
在我的vista 32位和VS2008打印的是:
b,8000000
分析
不对之处,请大家斧正。