printf函数
-
/* Constant format string with one %d conversion; num supplies the matching argument
   (its declaration is outside this snippet, presumably an int). */
printf("%d", num);
-
汇编代码调用过程:
; cdecl call sequence for printf("%d", num): arguments are pushed right to left.
0071183F mov eax,dword ptr [num] ; eax = current value of num
00711842 push eax ; last argument first: the value for %d
00711843 push offset string "%d" (0717B30h) ; then the address of the format string
00711848 call _printf (0711046h)
0071184D add esp,8 ; caller removes the two 4-byte arguments it pushed
-
IDA 反汇编:
; Excerpt of _main as shown by IDA; the function prologue is not part of this listing.
call ___main ; not in the C source; presumably the GCC/MinGW runtime start-up hook (confirm against the toolchain)
mov dword ptr [esp+1Ch], 1 ; store 1 in the stack slot at [esp+1Ch] (looks like the local num; its C source is not shown)
mov eax, [esp+1Ch] ; reload that value
mov [esp+4], eax ; second printf argument: the value for %d
mov dword ptr [esp], offset aD ; "%d" -- first printf argument: address of the format string
call _printf ; arguments were stored with mov, not push, so no "add esp" follows (space presumably reserved by the prologue)
mov eax, 0 ; return value 0
leave ; tear down the frame: mov esp, ebp / pop ebp
retn
_main endp
函数分析
#include <stdio.h>
/* Minimal program whose compiled form is examined in the listing below. */
int main()
{
/* The literal is passed as printf's format argument. That is fine here only
   because it is a compile-time constant with no conversion specifiers; text
   that is not a constant should be printed as printf("%s", text). */
printf("Hello,World!");
return 0;
}
#include <stdio.h>
int main()
{
; Prologue: build the frame, reserve 0C0h bytes, save three registers, then fill the reserved area.
00841810 push ebp ;save the caller's frame pointer
00841811 mov ebp,esp ;ebp = frame pointer for this function
00841813 sub esp,0C0h ;reserve 0C0h (192) bytes of stack below ebp
00841819 push ebx ;save ebx (restored at 00841849)
0084181A push esi ;save esi (restored at 00841848)
0084181B push edi ;save edi (restored at 00841847)
0084181C lea edi,[ebp-0C0h] ; edi = lowest address of the reserved area
00841822 mov ecx,30h ; count = 30h dwords (30h * 4 = 0C0h bytes)
00841827 mov eax,0CCCCCCCCh ; fill value; 0CCh is also the int 3 opcode
0084182C rep stos dword ptr es:[edi] ;(1) fill the whole reserved area with 0CCCCCCCCh (MSVC debug-build marker for uninitialised stack)
0084182E mov ecx,offset _6AD0E0B9_test@c (084C003h) ; ecx = argument for the call below
00841833 call @__CheckForDebuggerJustMyCode@4 (0841217h) ; compiler-inserted Just My Code debugging hook, not part of the C source
printf("Hello,World!");
00841838 push offset string "Hello,World!" (0847BD0h) ; only argument: address of the string, used as the format
0084183D call _printf (0841046h)
00841842 add esp,4 ; cdecl: caller removes the one 4-byte argument
return 0;
00841845 xor eax,eax ; eax = 0, the return value
}
00841847 pop edi ;restore the saved registers in reverse push order
00841848 pop esi ;
00841849 pop ebx ;
0084184A add esp,0C0h ;release the 0C0h bytes reserved in the prologue
00841850 cmp ebp,esp ;esp equals ebp again only if the stack is balanced
00841852 call __RTC_CheckEsp (0841221h) ; MSVC run-time check that reports a failure when the compare above did not match
00841857 mov esp,ebp ; discard anything still below the frame pointer
00841859 pop ebp ; restore the caller's frame pointer
0084185A ret