汇编中如果汇编和调用API混合用的话要注意Pushad popad

某群有个人提出一个奇怪的问题,这段代码的循环不正常

;MASMPlus 代码模板 - 控制台程序

.386
.model flat, stdcall
option casemap :none

include windows.inc
include user32.inc
include kernel32.inc
include masm32.inc
include gdi32.inc

includelib gdi32.lib
includelib user32.lib
includelib kernel32.lib
includelib masm32.lib
include macro.asm
.data
 lpMsg  db "Hello World!",0
 
.data?
 buffer db MAX_PATH dup(?)
 
.CODE
START:
  
 mov ecx,5
@@:
  
   invoke MessageBoxA,NULL,CTEXT("13"),CTEXT("13"),MB_OK
  
 loop @B
 
 invoke ExitProcess,0
 
end START

 

 

按道理Loop等于ECX-1,然后查看ECX==0,如果相当则不循环,如果不等于则进行循环,但是这个ECX却不是5

 

 

在调用Api前后加入pushad popad则正常了

;MASMPlus 代码模板 - 控制台程序

.386
.model flat, stdcall
option casemap :none

include windows.inc
include user32.inc
include kernel32.inc
include masm32.inc
include gdi32.inc

includelib gdi32.lib
includelib user32.lib
includelib kernel32.lib
includelib masm32.lib
include macro.asm
.data
    lpMsg        db "Hello World!",0
    
.data?
    buffer    db MAX_PATH dup(?)
    
.CODE
START:
   
    mov ecx,5
@@:
   pushad
   invoke MessageBoxA,NULL,CTEXT("13"),CTEXT("13"),MB_OK
   popad
    loop @B
    
    invoke ExitProcess,0
    
end START

 

posted on 2014-09-28 00:01  shellcode  阅读(456)  评论(0编辑  收藏  举报

导航