马上注册,结交更多好友,享用更多功能^_^
您需要 登录 才可以下载或查看,没有账号?立即注册
x
本帖最后由 kangels 于 2013-3-19 10:23 编辑 3 v {2 L B; |8 ~/ D$ v
% k) l) c1 E2 V% N/ x( e丢失的类型信息
% j. L, q- o- A9 Z* p1 g猜测7 |) [' _& v3 D& z- I" q
指针变量应该存储两方面的信息:地址,类型信息- i# T6 |: d+ y6 U9 o0 e
3 w% I q3 }5 l$ v
实证, n! P0 ?& n( R8 F" `& f
用sizeof(),float *,int*,double *....都是4字节没有存储类型信息只有地址信息* s( _: _/ C0 \7 M2 a3 t; Q& B
反汇编一段代码来看看2 F4 J: P3 W( O+ S1 l
实例1:! E1 z; e, _2 u# k7 s* W' o' T9 e
#include <stdio.h> int gi; int * pi; void main(int argc, char **argv) { pi = &gi; *pi = 12; } 1: #include <stdio.h> 2: int gi; 3: int * pi; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pi = &gi; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pi = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov dword ptr [eax],0Ch 8: } 004113A3 xor eax,eax 004113A5 pop edi 004113A6 pop esi 004113A7 pop ebx 004113A8 mov esp,ebp 004113AA pop ebp 004113AB ret $ V$ `* D- R1 K( s& {0 u
6 ?! b2 _5 \+ Y" L' E1 {" u0 n实例2:, e3 h* E1 o. O# J- U1 G
#include <stdio.h> short gs; short * ps; void main(int argc, char **argv) { ps = &gs; *ps = 12; } 9 O5 c5 W2 c9 g+ ]8 @% K
1: #include <stdio.h> 2: short gs; 3: short * ps; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: ps = &gs; 0041138E mov dword ptr ds:[00417140h],417144h 7: *ps = 12; 00411398 mov eax,0Ch 0041139D mov ecx,dword ptr ds:[00417140h] 004113A3 mov word ptr [ecx],ax 8: } 004113A6 xor eax,eax 004113A8 pop edi 004113A9 pop esi 004113AA pop ebx 004113AB mov esp,ebp 004113AD pop ebp 004113AE ret
3 u4 r" V/ J: W6 O3 S' d$ v6 H
2 d$ c) q; _0 F实例3:( F( F2 \! }. H0 `1 Q1 b; W
#include <stdio.h> char gc; char * pc; void main(int argc, char **argv) { pc = &gc; *pc = 12; } , p/ V) ?$ h) [! v% Q1 w* ?. E2 i
1: #include <stdio.h> 2: char gc; 3: char * pc; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pc = &gc; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pc = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov byte ptr [eax],0Ch 8: } 004113A0 xor eax,eax 004113A2 pop edi 004113A3 pop esi 004113A4 pop ebx 004113A5 mov esp,ebp 004113A7 pop ebp 004113A8 ret & K6 A4 Q B% t5 |
; o' b$ V3 G; C }) `6 I
可以看出指针的类型信息决定了赋值/读取时读/写多少个字节。
& q6 y( g$ q' H* f" N R, F读/写多少字节的信息不是存放在指针变量中,而是放到了与该地址相关的赋值指令中。2 X# t6 W' \% ~9 q% i% ^$ v
| 
( 粤ICP备18085999号-1 | 粤公网安备 44051102000585号)
狗仔卡
发表于 2013-3-12 20:59:39
置顶卡
千斤顶
显身卡
貌似很高深的反汇编
楼主
5 u4 @* R1 S) g7 ~% X- i1 R