vc函数反汇编初析
时间:2010-06-30 来源:xiaojialin2009
////////////////////原函数////////////////////////////////////////
#include <memory.h>
// Test program: a 2-byte stack buffer and a counter, built as a debug build so that the
// disassembly further down can be matched against it line by line.
void main(void)
{
char data[2]; // 2-byte stack buffer; the listing below addresses it at [ebp-4]
int i; // the listing below addresses it at [ebp-8]
i=1;
memset(data,0,i); // the length is a variable: i (1) <= sizeof(data) here, but nothing in the code enforces that bound
i++;
} /////////////////////////////////////////////////////////////////////// /////////////反汇编代码////////////////////////////////////////////// @ILT+0(_main):
// Entry thunk labelled @ILT+0(_main) in this listing: a single jump to the real main at 00401010.
00401005 jmp main (00401010)
0040100A int 3 // int 3 (breakpoint) fills the bytes between the thunk and main, so execution that strays here traps
0040100B int 3
0040100C int 3
0040100D int 3
0040100E int 3
0040100F int 3
--- C:\Documents and Settings\Administrator\桌面\test\memtest.cpp --------------------------------------------------------
1: #include <memory.h>
2:
3: void main(void)
4: {
// main, debug build (32-bit x86, EBP-based frame). Stack layout as established by the instructions below:
//   [ebp+4] return address, [ebp] saved EBP, [ebp-4] data, [ebp-8] i,
//   [ebp-48h .. ebp-1] the whole 0x48-byte local area, pre-filled with 0xCC.
// data sits directly below the saved EBP and the return address, and the only epilogue check
// visible in this listing (__chkesp) compares ESP with EBP; no check of the saved EBP or the
// return address appears here.
00401010 push ebp // save the caller's frame pointer
00401011 mov ebp,esp // EBP becomes the base for addressing main's locals
00401013 sub esp,48h // reserve 0x48 (72) bytes of stack for main's locals
00401016 push ebx // save EBX, ESI, EDI; they are restored in the epilogue
00401017 push esi
00401018 push edi
00401019 lea edi,[ebp-48h] // edi = lowest address of the local area
0040101C mov ecx,12h // 0x12 dwords * 4 = 0x48 bytes, i.e. the whole local area
00401021 mov eax,0CCCCCCCCh // fill pattern
00401026 rep stos dword ptr [edi] // store eax into ecx dwords starting at edi: locals start out as 0xCC, so uninitialized reads stand out
5: char data[2];
6: int i;
7: i=1;
00401028 mov dword ptr [ebp-8],1 // i = 1
8: memset(data,0,i);
0040102F mov eax,dword ptr [ebp-8] // eax = i, the length argument (not the address of data)
00401032 push eax // arguments are pushed right to left: third argument, the length
00401033 push 0 // second argument, the fill value
00401035 lea ecx,[ebp-4] // ecx = address of data
00401038 push ecx // first argument, the destination
00401039 call memset (00401060) // call memset(data, 0, i)
0040103E add esp,0Ch // caller removes the 3 arguments: 3 * 4 = 12 bytes
9: i++;
00401041 mov edx,dword ptr [ebp-8] // i++: load i, add 1, store it back
00401044 add edx,1
00401047 mov dword ptr [ebp-8],edx
10: }
0040104A pop edi // epilogue: restore the saved registers in reverse order
0040104B pop esi
0040104C pop ebx
0040104D add esp,48h // release the local area; ESP should now equal EBP
00401050 cmp ebp,esp // set the flags for the check that follows
00401052 call __chkesp (004010c0) // debug-runtime helper, body not shown; presumably reports a mismatch between ESP and EBP
00401057 mov esp,ebp
00401059 pop ebp // restore the caller's frame pointer
0040105A ret // return through the address at the top of the stack
--- No source file -------------------------------------------------------------------------------------------------------
// int 3 padding from the end of main (ret at 0040105A) up to memset at 00401060.
0040105B int 3
0040105C int 3
0040105D int 3
0040105E int 3
0040105F int 3
{
char data[2];
int i;
i=1;
memset(data,0,i);
i++;
} /////////////////////////////////////////////////////////////////////// /////////////反汇编代码////////////////////////////////////////////// @ILT+0(_main):
// Entry thunk labelled @ILT+0(_main) in this listing: a single jump to the real main at 00401010.
00401005 jmp main (00401010)
0040100A int 3 // int 3 (breakpoint) fills the bytes between the thunk and main, so execution that strays here traps
0040100B int 3
0040100C int 3
0040100D int 3
0040100E int 3
0040100F int 3
--- C:\Documents and Settings\Administrator\桌面\test\memtest.cpp --------------------------------------------------------
1: #include <memory.h>
2:
3: void main(void)
4: {
// main, debug build (32-bit x86, EBP-based frame). Stack layout as established by the instructions below:
//   [ebp+4] return address, [ebp] saved EBP, [ebp-4] data, [ebp-8] i,
//   [ebp-48h .. ebp-1] the whole 0x48-byte local area, pre-filled with 0xCC.
// data sits directly below the saved EBP and the return address, and the only epilogue check
// visible in this listing (__chkesp) compares ESP with EBP; no check of the saved EBP or the
// return address appears here.
00401010 push ebp // save the caller's frame pointer
00401011 mov ebp,esp // EBP becomes the base for addressing main's locals
00401013 sub esp,48h // reserve 0x48 (72) bytes of stack for main's locals
00401016 push ebx // save EBX, ESI, EDI; they are restored in the epilogue
00401017 push esi
00401018 push edi
00401019 lea edi,[ebp-48h] // edi = lowest address of the local area
0040101C mov ecx,12h // 0x12 dwords * 4 = 0x48 bytes, i.e. the whole local area
00401021 mov eax,0CCCCCCCCh // fill pattern
00401026 rep stos dword ptr [edi] // store eax into ecx dwords starting at edi: locals start out as 0xCC, so uninitialized reads stand out
5: char data[2];
6: int i;
7: i=1;
00401028 mov dword ptr [ebp-8],1 // i = 1
8: memset(data,0,i);
0040102F mov eax,dword ptr [ebp-8] // eax = i, the length argument (not the address of data)
00401032 push eax // arguments are pushed right to left: third argument, the length
00401033 push 0 // second argument, the fill value
00401035 lea ecx,[ebp-4] // ecx = address of data
00401038 push ecx // first argument, the destination
00401039 call memset (00401060) // call memset(data, 0, i)
0040103E add esp,0Ch // caller removes the 3 arguments: 3 * 4 = 12 bytes
9: i++;
00401041 mov edx,dword ptr [ebp-8] // i++: load i, add 1, store it back
00401044 add edx,1
00401047 mov dword ptr [ebp-8],edx
10: }
0040104A pop edi // epilogue: restore the saved registers in reverse order
0040104B pop esi
0040104C pop ebx
0040104D add esp,48h // release the local area; ESP should now equal EBP
00401050 cmp ebp,esp // set the flags for the check that follows
00401052 call __chkesp (004010c0) // debug-runtime helper, body not shown; presumably reports a mismatch between ESP and EBP
00401057 mov esp,ebp
00401059 pop ebp // restore the caller's frame pointer
0040105A ret // return through the address at the top of the stack
--- No source file -------------------------------------------------------------------------------------------------------
// int 3 padding from the end of main (ret at 0040105A) up to memset at 00401060.
0040105B int 3
0040105C int 3
0040105D int 3
0040105E int 3
0040105F int 3