马上注册,结交更多好友,享用更多功能^_^
您需要 登录 才可以下载或查看,没有账号?立即注册
x
本帖最后由 kangels 于 2013-3-19 10:23 编辑 # }. N% _* [: \
2 M: M; @# K. Y& G$ Q) y1 }丢失的类型信息" z9 b9 o# n2 M: i
猜测- a$ w* A( ~& g: ^3 O
指针变量应该存储两方面的信息:地址,类型信息
6 M9 O8 w2 L1 `8 d2 Y; K' ^2 k1 T/ P) G' K
实证2 A/ P2 _7 Y2 g* @
用sizeof(),float *,int*,double *....都是4字节没有存储类型信息只有地址信息( p* m1 o# B+ Y' q; }' c
反汇编一段代码来看看
6 j$ t8 G4 b" u2 C实例1:( x: _# R* L* T4 `9 r# y" j" f/ P
#include <stdio.h> int gi; int * pi; void main(int argc, char **argv) { pi = &gi; *pi = 12; } 1: #include <stdio.h> 2: int gi; 3: int * pi; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pi = &gi; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pi = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov dword ptr [eax],0Ch 8: } 004113A3 xor eax,eax 004113A5 pop edi 004113A6 pop esi 004113A7 pop ebx 004113A8 mov esp,ebp 004113AA pop ebp 004113AB ret ' o4 M# f/ s' R9 l. Z
+ L% m0 P; T$ w" J- r5 g实例2:: k1 X3 R# [2 P, D2 m& }& |
#include <stdio.h> short gs; short * ps; void main(int argc, char **argv) { ps = &gs; *ps = 12; } , I+ g, C3 L5 u: }* e; z9 B
1: #include <stdio.h> 2: short gs; 3: short * ps; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: ps = &gs; 0041138E mov dword ptr ds:[00417140h],417144h 7: *ps = 12; 00411398 mov eax,0Ch 0041139D mov ecx,dword ptr ds:[00417140h] 004113A3 mov word ptr [ecx],ax 8: } 004113A6 xor eax,eax 004113A8 pop edi 004113A9 pop esi 004113AA pop ebx 004113AB mov esp,ebp 004113AD pop ebp 004113AE ret , {; W+ `; I! A0 m$ ?
; O$ n$ J: a. U实例3:9 ~' u) x, F. t9 d2 b/ A
#include <stdio.h> char gc; char * pc; void main(int argc, char **argv) { pc = &gc; *pc = 12; }
9 K( N2 m, l5 f, q0 M5 j 1: #include <stdio.h> 2: char gc; 3: char * pc; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pc = &gc; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pc = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov byte ptr [eax],0Ch 8: } 004113A0 xor eax,eax 004113A2 pop edi 004113A3 pop esi 004113A4 pop ebx 004113A5 mov esp,ebp 004113A7 pop ebp 004113A8 ret * _4 a# D7 [) b, D' P1 g% a, d
W& M5 G4 b5 E& A- p) G
可以看出指针的类型信息决定了赋值/读取时读/写多少个字节。
* g: W9 c* S! `9 S$ K6 M5 K D) l读/写多少字节的信息不是存放在指针变量中,而是放到了与该地址相关的赋值指令中。
/ D+ u; W% `) C2 c1 I* Z | 
( 粤ICP备18085999号-1 | 粤公网安备 44051102000585号)
狗仔卡
发表于 2013-3-12 20:59:39
置顶卡
千斤顶
显身卡
貌似很高深的反汇编
楼主