问题描述
我正在尝试使用Windows注册表功能在汇编语言的"Software \ Microsoft \ Windows \ CurrentVersion \ Run"项中创建注册表项.我的程序崩溃并显示Windows错误消息.这是代码:
I am trying to use the Windows registry functions to create a registry key in the 'Software\Microsoft\Windows\CurrentVersion\Run' key in assembly language. My program crashes and displays a Windows error message. Here is the code:
includelib \Masm64\Lib\Kernel32.lib
includelib \Masm64\Lib\Advapi32.lib
extrn ExitProcess : proc
extrn RegCreateKeyExA : proc
dseg segment para 'DATA'
rhdl dd 0
sbky db 'Software\Microsoft\Windows\CurrentVersion\Run\startupprogram.exe', 0
dseg ends
cseg segment para 'CODE'
start proc ;Use link.exe to define entry point
sub rsp, 28h
push 0
push qword ptr [rhdl]
push 0
push 0
push 0
xor r9d, r9d
xor r8d, r8d
lea rdx, [sbky]
mov rcx, 8000001h
call RegCreateKeyExA
xor ecx, ecx ; exit code = 0
call ExitProcess
start endp
cseg ends
end
感谢您的帮助.也许我没有理会Windows调用约定?
I would appreciate your help. Perhaps I have disregarded the Windows calling convention?
推荐答案
在Win64 x64调用约定中,您必须为在寄存器中传递的四个参数保留堆栈槽:
In the Win64 x64 calling convention you have to reserve stack slots for the four arguments passed in the registers:
来自 http://msdn.microsoft.com/en-us/library/ms235286.aspx :
因此,RegCreateKeyExA()
函数将您压入堆栈的最后四件事视为为四个寄存器参数保留的位置,然后尝试从第一个push 0
获取其他参数,然后将任意随机垃圾放入内存中.您使用sub rsp,28h
保留的堆栈区域.
So the RegCreateKeyExA()
function is treating the last four things you pushed onto the stack as locations reserved for the four register arguments, then is trying to get the other arguments from the first push 0
then whatever random garbage is in the area of the stack you reserved with the sub rsp,28h
.
尝试:
push 0
push qword ptr [rhdl]
push 0
push 0
push 0
sub rsp, 20h ; reserve slots for arguments passed in regs
xor r9d, r9d
xor r8d, r8d
lea rdx, [sbky]
mov rcx, 8000001h
call RegCreateKeyExA
这篇关于在汇编语言中使用Windows注册表功能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!