Why would an assembly programmer want to subtract from ebp in this location instead of esp?
I am a little confused about how ebp and esp are used to set up a stack frame in x86 assembly. In the following code:
section '.code' code readable executable ; define the code section of the file
main: ;main label is where execution begins
push ebp
mov ebp,esp ;set up the base ptr
sub ebp,4 ;subtract 4 from ebp
mov dword [esp],msg
call [printf]
mov dword [esp],p ; pass pause>nul cmd to system to hold the box open
call [system]
mov dword [esp],0 ;pass NULL to exit
call [exit]
The programmer has subtracted 4 from ebp, but I am not sure why. Usually I see a subtraction from ESP here rather than EBP. What is the purpose of subtracting from EBP here?
This is definitely a bug:
push ebp ; 1
mov ebp,esp ; 2
sub ebp,4 ; 3
mov dword [esp],msg ; 4
Because instructions 2 and 3 only modify the ebp register (not esp), instruction 4 will overwrite the value pushed by instruction 1.
I doubt the programmer did that on purpose.
Your code appears to come from the FASM tutorial, where the full listing looks like this:
format PE console
entry main
include 'macro/import32.inc'
section '.data' data readable writeable
msg db "hello world!",0
p db "pause>nul",0
section '.code' code readable executable
main:
push ebp
mov ebp,esp
sub ebp,4
mov dword [esp],msg
call [printf]
mov dword [esp],p
call [system]
mov dword [esp],0
call [exit]
section '.idata' import data readable
library msvcrt,'msvcrt.dll'
import msvcrt,\
printf,'printf',\
system,'system',\
exit,'exit'
In the description of the code the author writes:
Starting with our entrypoint label main, I set up a stack frame and allocate 4 bytes on the stack by subtracting 4 from the value of esp. Now in that 4 byte range I place the address of msg in there and call printf,
This leads me to believe the author's actual instruction was:
sub esp, 4
The code actually has a typo. The description is correct; the code is wrong.
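As an added illustration (my own C model, not code from the question, the answers or the FASM tutorial), the program below simulates instructions 1 to 4 of the prologue both as written (sub ebp,4) and as the tutorial text describes (sub esp,4), and reports what is left in the slot where push ebp saved the caller's ebp. The stack addresses, the caller's ebp and the msg address are constructed values.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a few 32-bit stack words; addresses are arbitrary. */
#define STACK_WORDS 8
#define STACK_LOW   0x1000u
#define STACK_TOP   (STACK_LOW + 4u * STACK_WORDS)   /* initial esp */

typedef struct { uint32_t esp, ebp; uint32_t mem[STACK_WORDS]; } cpu_t;

/* Map a stack address to the modelled word, rejecting anything out of range. */
static uint32_t *slot(cpu_t *c, uint32_t addr) {
    assert(addr >= STACK_LOW && addr < STACK_TOP && (addr & 3u) == 0);
    return &c->mem[(addr - STACK_LOW) / 4];
}

/* Run instructions 1-4 of the prologue. sub_esp != 0 uses "sub esp,4" (what
   the tutorial text describes); sub_esp == 0 uses "sub ebp,4" (what the code
   says). Returns the value left in the slot where "push ebp" saved caller_ebp. */
uint32_t saved_ebp_after_prologue(int sub_esp, uint32_t caller_ebp, uint32_t msg) {
    cpu_t c = { .esp = STACK_TOP, .ebp = caller_ebp, .mem = {0} };
    c.esp -= 4; *slot(&c, c.esp) = c.ebp;   /* push ebp              ; 1 */
    c.ebp = c.esp;                          /* mov ebp,esp           ; 2 */
    uint32_t save_slot = c.ebp;             /* where the caller's ebp now lives */
    if (sub_esp) c.esp -= 4;                /* sub esp,4 (described) ; 3 */
    else         c.ebp -= 4;                /* sub ebp,4 (as written); 3 */
    *slot(&c, c.esp) = msg;                 /* mov dword [esp],msg   ; 4 */
    return *slot(&c, save_slot);
}

int main(void) {
    const uint32_t caller_ebp = 0xBFFF0000u, msg = 0x00402000u; /* constructed */
    printf("sub esp,4: saved ebp slot = %08x\n",
           saved_ebp_after_prologue(1, caller_ebp, msg));
    printf("sub ebp,4: saved ebp slot = %08x\n",
           saved_ebp_after_prologue(0, caller_ebp, msg));
    return 0;
}
```

With sub ebp,4 the msg pointer lands in the saved-ebp slot, while printf still reads its argument from [esp]; because the tutorial program ends with call [exit] and never restores ebp, the clobbered save goes unnoticed at runtime.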