马上注册,结交更多好友,享用更多功能^_^
您需要 登录 才可以下载或查看,没有账号?立即注册
x
本帖最后由 kangels 于 2013-3-19 10:23 编辑
# t9 {& F& x, X7 i c7 k7 r
4 U2 i f& q) i0 F0 x+ {0 E) ^丢失的类型信息
. d, @/ \. Q/ h5 S" k0 a猜测
$ J# D# d: v) h) o* y指针变量应该存储两方面的信息:地址,类型信息% d1 X, @# t, S" @
. z' j1 j4 P, x, L
实证, I0 m1 T- z9 F f6 [- h1 \( V6 ~
用sizeof(),float *,int*,double *....都是4字节没有存储类型信息只有地址信息
# Z. B' s, A1 D+ ^* r+ h反汇编一段代码来看看
2 m" b7 z: g) H实例1:
( @1 J' l5 Y0 I8 n" i% h- y#include <stdio.h> int gi; int * pi; void main(int argc, char **argv) { pi = &gi; *pi = 12; } 1: #include <stdio.h> 2: int gi; 3: int * pi; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pi = &gi; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pi = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov dword ptr [eax],0Ch 8: } 004113A3 xor eax,eax 004113A5 pop edi 004113A6 pop esi 004113A7 pop ebx 004113A8 mov esp,ebp 004113AA pop ebp 004113AB ret 5 I. W: W& O( A# n+ `
. P/ Y1 i: c( F1 P! Z实例2:
" |0 N# H+ b) j: x4 U. K: Q#include <stdio.h> short gs; short * ps; void main(int argc, char **argv) { ps = &gs; *ps = 12; }
$ Z8 r, Q, N3 x; w% U7 R 1: #include <stdio.h> 2: short gs; 3: short * ps; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: ps = &gs; 0041138E mov dword ptr ds:[00417140h],417144h 7: *ps = 12; 00411398 mov eax,0Ch 0041139D mov ecx,dword ptr ds:[00417140h] 004113A3 mov word ptr [ecx],ax 8: } 004113A6 xor eax,eax 004113A8 pop edi 004113A9 pop esi 004113AA pop ebx 004113AB mov esp,ebp 004113AD pop ebp 004113AE ret
3 N g7 ~0 [! {. v9 O# U6 ]2 p
. {3 n) s$ ]; o4 g% ~& M4 m1 E实例3:
5 r% u: Y, G- B m& C% Y O#include <stdio.h> char gc; char * pc; void main(int argc, char **argv) { pc = &gc; *pc = 12; }
& P% d5 X, t/ u3 Y 1: #include <stdio.h> 2: char gc; 3: char * pc; 4: void main(int argc, char **argv) 5: { 00411370 push ebp 00411371 mov ebp,esp 00411373 sub esp,0C0h 00411379 push ebx 0041137A push esi 0041137B push edi 0041137C lea edi,[ebp+FFFFFF40h] 00411382 mov ecx,30h 00411387 mov eax,0CCCCCCCCh 0041138C rep stos dword ptr es:[edi] 6: pc = &gc; 0041138E mov dword ptr ds:[00417140h],417144h 7: *pc = 12; 00411398 mov eax,dword ptr ds:[00417140h] 0041139D mov byte ptr [eax],0Ch 8: } 004113A0 xor eax,eax 004113A2 pop edi 004113A3 pop esi 004113A4 pop ebx 004113A5 mov esp,ebp 004113A7 pop ebp 004113A8 ret
4 _$ r* k& F3 \, g# w3 V4 i" F4 n! U/ P+ h' [% l& g# @ R
可以看出指针的类型信息决定了赋值/读取时读/写多少个字节。
+ q- S. b$ y5 z; \' \读/写多少字节的信息不是存放在指针变量中,而是放到了与该地址相关的赋值指令中。5 m0 ^1 N! @) Z8 ?9 f
| 
( 粤ICP备18085999号-1 | 粤公网安备 44051102000585号)
狗仔卡
发表于 2013-3-12 20:59:39
置顶卡
千斤顶
显身卡
貌似很高深的反汇编
楼主
5 e9 {/ o8 w0 V. R; r% o