|
|
- // 参数压栈 EBP+8,EBP+c,EBP+4为ret 地址 局部变量为EBP-4,ebp-8,ebp-....................,返回值存放在EAx,而main的r即为ebp-4,接收返回值。语言表述能力弱,见谅
- #include "stdafx.h"
- #include "stdlib.h"
- #include "stdio.h"
- int Function1()
- {
- char a=0x10;
- short b=0x20;
- int c=0x30;
- return a; // MOVS EAX,DWORD PTR[EBP-0X4]
- }
- int Function2(int x,int y)
- {
- int Result;
- int A=0x10;
- int B=0x20;
- Result=A+B+x+y;
- return Result;
- }
- int _declspec(naked) Function2Asm(int x,int y)
- {
-
- _asm
- {
- push ebp
- mov ebp,esp
- sub esp,0x48
- push edi
- push esi
- push ecx
- mov eax,0xcccccccc
- mov ecx,0x12
- lea edi,[ebp-0x48]
- rep stosd
- ///////////////////
- mov dword ptr [ebp-0x4],0x10
- mov eax,[ebp-0x4]
- mov dword ptr[ebp-0x8],0x20
- mov ecx,[ebp-0x8]
- add eax,ecx
- add eax,[ebp+0x8]
- add eax,[ebp+0xc]
- //////////////////
- pop ecx
- pop esi
- pop edi
- mov esp,ebp
- pop ebp
- ret
- }
-
- }
- void main()
- {
- int r;
- // int r=Function1();
- // int r=Function2(0x30,0x40);
- _asm
- {
- push 0x40
- push 0x30
- call Function2Asm
- add esp,0x8
- mov r,eax
- }
- printf("%x",r);
- getchar();
- }
|
上一篇: 献丑了,C和ASM下一篇: 献丑了,C和ASM(002)手写数组
|
/2 
发表于 2021-9-18 13:05:48
