九、if-else 逆向代码
; Mixed source/disassembly listing of _tmain (32-bit x86). The __RTC_* calls
; and the 0CCCCCCCCh stack fill are what MSVC emits with runtime checks
; enabled, so this is presumably a debug build.
int _tmain(int argc, _TCHAR* argv[])
{
; Prologue: set up the frame and reserve 0CCh bytes for locals.
004113B0 push ebp
004113B1 mov ebp,esp
004113B3 sub esp,0CCh
004113B9 push ebx
004113BA push esi
004113BB push edi
; Fill the reserved area with 0CCCCCCCCh: 33h dwords * 4 = 0CCh bytes,
; starting at ebp-0CCh.
004113BC lea edi,[ebp-0CCh]
004113C2 mov ecx,33h
004113C7 mov eax,0CCCCCCCCh
004113CC rep stos dword ptr es:[edi]
    int c;
    printf("input number\n");
; Caller-cleaned call: one argument is pushed and 'add esp,4' removes it.
; esi holds esp from before the call; cmp esi,esp + __RTC_CheckEsp verifies
; that the stack pointer was restored.
004113CE mov esi,esp
004113D0 push offset string "input number\n" (415770h)
004113D5 call dword ptr [__imp__printf (4182BCh)]
004113DB add esp,4
004113DE cmp esi,esp
004113E0 call @ILT+325(__RTC_CheckEsp) (41114Ah)
    scanf("%d",&c);
; Arguments are pushed right to left: &c first, then the format string.
; NOTE(review): eax (scanf's return value) is never tested after the call.
; If the input does not parse as an integer, c is never written and
; presumably still holds the 0CCCCCCCCh fill when it is compared below.
004113E5 mov esi,esp
004113E7 lea eax,[c]
004113EA push eax
004113EB push offset string "%d" (41576Ch)
004113F0 call dword ptr [__imp__scanf (4182C4h)]
004113F6 add esp,8
004113F9 cmp esi,esp
004113FB call @ILT+325(__RTC_CheckEsp) (41114Ah)
    if( (c>0) && (c<10) )
; Each half of the && is tested with the inverted, signed jump:
; c <= 0 (jle) or c >= 10 (jge) skips to the else-if test at 411425h.
00411400 cmp dword ptr [c],0
00411404 jle wmain+75h (411425h)
00411406 cmp dword ptr [c],0Ah
0041140A jge wmain+75h (411425h)
    {
        printf("a>0 && a<10");
0041140C mov esi,esp
0041140E push offset string "a>0 && a<10" (41575Ch)
00411413 call dword ptr [__imp__printf (4182BCh)]
00411419 add esp,4
0041141C cmp esi,esp
0041141E call @ILT+325(__RTC_CheckEsp) (41114Ah)
; End of the first body: jump over the remaining branches to 'return 0'.
00411423 jmp wmain+0B1h (411461h)
    }
    else if ( (c>10) && (c<100) )
; Same pattern with 0Ah (10) and 64h (100): c <= 10 or c >= 100 skips to
; the else body at 41144Ah.
00411425 cmp dword ptr [c],0Ah
00411429 jle wmain+9Ah (41144Ah)
0041142B cmp dword ptr [c],64h
0041142F jge wmain+9Ah (41144Ah)
    {
        printf("c>10 && a<100");
00411431 mov esi,esp
00411433 push offset string "c>10 && a<100" (41574Ch)
00411438 call dword ptr [__imp__printf (4182BCh)]
0041143E add esp,4
00411441 cmp esi,esp
00411443 call @ILT+325(__RTC_CheckEsp) (41114Ah)
    }
    else
; This jmp is listed under 'else', but it is the exit of the else-if body
; above: it skips the else body and goes to 'return 0'.
00411448 jmp wmain+0B1h (411461h)
    {
        printf("a<0 || a>100");
; Reached when c <= 0, c == 10 or c >= 100 (see the jump targets above),
; which is wider than the printed text "a<0 || a>100".
0041144A mov esi,esp
0041144C push offset string "a<0 || a>100" (41573Ch)
00411451 call dword ptr [__imp__printf (4182BCh)]
00411457 add esp,4
0041145A cmp esi,esp
0041145C call @ILT+325(__RTC_CheckEsp) (41114Ah)
    }
    return 0;
; All three branches converge here; xor eax,eax sets the return value to 0.
00411461 xor eax,eax
}
; Epilogue. eax and edx are saved around _RTC_CheckStackVars, which is
; called with ecx = ebp and edx = the address 411488h (presumably the
; descriptor of the locals to check, here c - confirm against the data
; at that address).
00411463 push edx
00411464 mov ecx,ebp
00411466 push eax
00411467 lea edx,[ (411488h)]
0041146D call @ILT+135(@_RTC_CheckStackVars@8) (41108Ch)
00411472 pop eax
00411473 pop edx
00411474 pop edi
00411475 pop esi
00411476 pop ebx
; Release the locals, run a final esp/ebp consistency check, and return.
00411477 add esp,0CCh
0041147D cmp ebp,esp
0041147F call @ILT+325(__RTC_CheckEsp) (41114Ah)
00411484 mov esp,ebp
00411486 pop ebp
00411487 ret
对应的c++代码:
#include "stdafx.h"


/*
 * Reads one integer from standard input and prints which range it falls
 * into. This is the source that the disassembly listing above was built
 * from, so the statements are kept exactly as compiled.
 *
 * Always returns 0.
 */
int _tmain(int argc, _TCHAR* argv[])
{
    int c;
    printf("input number\n");
    /* NOTE(review): the return value of scanf is not checked. If the input
     * is not an integer, c is never assigned and the comparisons below
     * read an uninitialized variable. */
    scanf("%d",&c);
    if( (c>0) && (c<10) )
    {
        /* The messages say "a", but the variable being tested is c. */
        printf("a>0 && a<10");
    }
    else if ( (c>10) && (c<100) )
    {
        printf("c>10 && a<100");
    }
    else
    {
        /* Reached for c <= 0, c == 10 and c >= 100; the boundary values
         * 0, 10 and 100 are not covered by the printed text. */
        printf("a<0 || a>100");
    }
    return 0;
}
对于 if(A && B) 的情况,编译器一般都是使用否决法(即短路求值):先判断 A,如果 A 不成立,则立即跳转到下一个分支;同理,如果 B 不成立,也跳转到下一个分支。因此汇编中的跳转条件与源码中的条件相反,例如上面的 c>0 对应 jle,c<10 对应 jge。
; General shape of one sub-condition. jle is only the example for a ">"
; test: the jump emitted is the inverse of the source condition (in the
; listing above, c>0 becomes jle and c<10 becomes jge).
cmp <条件>
jle <下一个分支>
.....