今天嘗試在16位下寫c 用nasm+ gcc
鏈接成功 進入C語言也是成功
但是在有個子函式里面內嵌了匯編的時候計算堆疊出錯了
紅色部分就是問題所在
該代碼push ebx
push edi
但是訪問的確是 ebp+8
應該是ebp+16
#define putw_gs(offset,num) __asm__("movw %0,%%gs:(%1)"::"b"(num),"D"(offset):)
int start()
{
int k,g=0;
char parr[] = "qwertyuiop[];lkj";
char *ksp;
printf(parr);
while(1);
}
int printf(char *i)
{
unsigned short int p;
unsigned int short mb;
unsigned int short dda=0;
char *ope;
p=0;
ope=i;
dda=*ope+256;
putw_gs(p,dda);
ope++;
dda=*ope+256;
putw_gs(p,dda);
ope++;
dda=*ope+256;
putw_gs(p,dda);
ope++;
}
.file "code16.cpp"
/APP
.code16
/NO_APP
.globl _fff
.data
_fff:
.ascii "1234567890123abc\0"
.text
.globl __Z5startv
.def __Z5startv; .scl 2; .type 32; .endef
__Z5startv:
pushl %ebp
movl %esp, %ebp
subl $56, %esp
movl $0, -12(%ebp)
movl $1919252337, -29(%ebp)
movl $1769306484, -25(%ebp)
movl $1566273647, -21(%ebp)
movl $1785424955, -17(%ebp)
movb $0, -13(%ebp)
leal -29(%ebp), %eax
movl %eax, (%esp)
call __Z6printfPc
L2:
jmp L2
.globl __Z6printfPc
.def __Z6printfPc; .scl 2; .type 32; .endef
__Z6printfPc:
pushl %ebp
movl %esp, %ebp
pushl %edi
pushl %ebx
subl $16, %esp
movw $0, -10(%ebp)
movw $0, -12(%ebp)
movl 8(%ebp), %eax
movl %eax, -16(%ebp)
movl -16(%ebp), %eax
movzbl (%eax), %eax
cbtw
addw $256, %ax
movw %ax, -10(%ebp)
movzwl -10(%ebp), %eax
movzwl -12(%ebp), %edx
movl %eax, %ebx
movl %edx, %edi
/APP
# 33 "code16.cpp" 1
movw %bx,%gs:(%di)
# 0 "" 2
/NO_APP
addl $1, -16(%ebp)
movl -16(%ebp), %eax
movzbl (%eax), %eax
cbtw
addw $256, %ax
movw %ax, -10(%ebp)
movzwl -10(%ebp), %eax
movzwl -12(%ebp), %edx
movl %eax, %ebx
movl %edx, %edi
/APP
# 37 "code16.cpp" 1
movw %bx,%gs:(%di)
# 0 "" 2
/NO_APP
addl $1, -16(%ebp)
movl -16(%ebp), %eax
movzbl (%eax), %eax
cbtw
addw $256, %ax
movw %ax, -10(%ebp)
movzwl -10(%ebp), %eax
movzwl -12(%ebp), %edx
movl %eax, %ebx
movl %edx, %edi
/APP
# 41 "code16.cpp" 1
movw %bx,%gs:(%di)
# 0 "" 2
/NO_APP
addl $1, -16(%ebp)
addl $16, %esp
popl %ebx
popl %edi
popl %ebp
ret
.globl __Z5testrv
.def __Z5testrv; .scl 2; .type 32; .endef
__Z5testrv:
pushl %ebp
movl %esp, %ebp
subl $16, %esp
movl $81, -4(%ebp)
movl -4(%ebp), %eax
leave
ret
.ident "GCC: (tdm64-2) 4.8.1"
uj5u.com熱心網友回復:
16位下,能訪問32為暫存器??uj5u.com熱心網友回復:
你在你編譯的C上加上 __asm__(".code16\r\n");uj5u.com熱心網友回復:
補充一下 我寫錯了 應該是ebp+6 因為16位下是 ip 不是eip ip 2位元組 + push ebp 4位元組 應該訪問ebp+6轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/133582.html
標籤:C語言
上一篇:CSP2018秋
下一篇:友元的問題,謝謝