试了下GoAsm

在VC里我们:
#include <windows.h>
DWORD    dwNumberOfBytesWritten;
int main() {
  HANDLE hStdOut = GetStdHandle(STD_OUTPUT_HANDLE);
  WriteFile(hStdOut, "Hello World (from GoAsm)", 24, &dwNumberOfBytesWritten, 0);
  return dwNumberOfBytesWritten;
}
某个Windows的头文件里(1. 示意。2. windows.h包含别的头文件):
typedef unsigned int32 DWORD;
#define STD_OUTPUT_HANDLE DWORD(-10)    /* 0xfffffff6 */
HANDLE WINAPI GetStdHandle(DWORD nStdHandle);
typedef const void* LPCVOID;
typedef DWORD* LPDWORD;
BOOL WINAPI WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite,
LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped); 新建文本文件2.asm,贴入如下内容: .DATA dwnumberofbyteswritten dd 0 lpBuffer db 'Hello world (from goasm)', 0ah .CODE START: push -11 call GetStdHandle ; get hStdOut in eax push 0, addr dwnumberofbyteswritten ; lpOverlapped, &dwNumberOfBytesWritten push 25, addr lpBuffer ; nNumberOfBytesToWrite, lpBuffer push eax ; hStdOut call WriteFile mov eax, [dwnumberofbyteswritten] ret 再新建文本文件clr.bat (Compile-Link-Run),贴入: @ECHO OFF IF "%~n1" == "" (EXIT/B 1) SET f=%~n1 GoAsm /l %f%.asm IF ERRORLEVEL 1 (EXIT/B 2) GoLink /console /debug dbg %f%.obj kernel32.dll user32.dll IF ERRORLEVEL 1 (EXIT/B 3) %f%.exe Hello world (from GoAsm) ECHO %ERRORLEVEL% 最后clr 2或clr 2.asm,输出: GoAsm.Exe Version 0.61.0.1 - Copyright Jeremy Gordon 2001-2017 - JG@JGnet.co.uk Output file: 2.obj Output file: 2.lst GoLink.Exe Version 1.0.3.1 Copyright Jeremy Gordon 2002-2020 info@goprog.com Output file: 2.exe Format: Win32 Size: 2,560 bytes Output file: exe\2.dbg Format: Win32 Size: 395 bytes Hello world (from goasm) 25 Calling convention. stdcall、cdecl 和pascal简介 被调用者将参数从栈中清除的好处是:想象下有99处调用它,是99处加pop好,还是一处pop好?也省不了多少地方。 C语言支持可变参数数量。被调用者可能接收2个参数,也可能接收4个,堆栈如何pop? 不过我觉得可变参数数量和调用者清栈
没有100%的相关度:多传一个参数表示SP要挪多少不行吗? LPCVOID的L代表Long,16位时代的遗物,还有叫far的,表示指针是20位还是16位。 函数的返回值在eax里。 CALL/? IF/? EXIT/? 可看到批处理的帮助。

 

写了个MessageBox(命令行),兴冲冲贴上来,又发现5次里有1次MessageBox出来后,程序不动了。一生气删掉了。痛定思痛,可能是没指定堆栈大小(默认64KB). search(golink stack size)。还有折腾了半天argc, argv, envp后才想起来我们是调用main()的啊。GetCommandLine(). 哦还有search(goasm USES),USES EDI等插入push和pop edi指令。

posted @ 2021-12-05 21:10  Fun_with_Words  阅读(204)  评论(0编辑  收藏  举报









 张牌。