问题描述
public main
main proc near
push ebp
mov ebp, esp
and esp, 0FFFFFFF0h
sub esp, 30h
mov dword ptr [esp], 8 ; size
call _malloc
mov [esp+2Ch], eax
mov dword ptr [esp+4], 4
mov eax, [esp+2Ch]
mov [esp], eax
call __start
上面的代码代表了我正在从事的大型项目的一部分.我试图将这段代码反转为C等效项,但是我很难理解malloc的工作方式.
The code above represents a portion of a large project I am working on. I am trying to reverse this code into C equivalent but I am having difficulty understanding how malloc works.
我正在计算8个字节将是分配的内存大小;但是,我不确定这条线.
I am figuring 8 bytes would be the size of the memory being allocated; however, I am not sure about this line.
mov eax, [esp+2ch]
malloc对eax有什么作用?
What does malloc do to eax?
此外,这将是等效的C代码吗?
Furthermore would this be equivalent C code?
int main(void)
{
int *ptr1;
ptr1 = (int *)malloc(sizeof(8));
*ptr1 = 4;
__start(*ptr1);
推荐答案
函数malloc()将分配一个大小为size个字节的内存块.如果可以分配所请求的内存,则将指针返回到内存块的开头.
The function malloc() will allocate a block of memory that is size bytes large. If the requested memory can be allocated a pointer is returned to the beginning of the memory block.
注意:接收到的内存块的内容未初始化.
Note: the content of the received block of memory is not initialized.
malloc()的语法:
无效* malloc(size_t size);
void *malloc ( size_t size );
参数:
内存块的大小(以字节为单位).
Size of the memory block in bytes.
返回值:
如果请求成功,则返回指向存储块的指针.如果函数未能分配请求的内存块,则返回NULL,也可以通过成功调用大小为零的malloc()返回NULL.
If the request is successful then a pointer to the memory block is returned.If the function failed to allocate the requested block of memory, a NULL is returned, NULL may also be returned by a successful call to malloc() with a size of zero.
这是一个非常简单的功能:将 BYTES 的数量传递给您 要作为唯一参数,在rdi中. 呼叫malloc."你会回来的 指向rax中返回的已分配字节的指针.清理空间 然后,将指针复制到rdi,然后免费通话"(我要离开 请关闭下面的免费内容,因为您需要堆栈才能正确执行此操作.
It's a pretty straightforward function: pass the number of BYTES you want as the only parameter, in rdi. "call malloc." You'll get back a pointer to the allocated bytes returned in rax. To clean up the space afterwards, copy the pointer over to rdi, and "call free" (I'm leaving off the free below, because you need the stack to do that properly).
这是程序集内存访问的完整示例.我叫malloc到 获得40个字节的空间. malloc返回此内容的起始地址 rax中的空格(eax的64位版本).即rax寄存器 就像指针一样.然后,我可以从 使用通常的汇编括号语法指向内存:
Here's a complete example of assembly memory access. I call malloc to get 40 bytes of space. malloc returns the starting address of this space in rax (the 64-bit version of eax). That is, the rax register is acting like a pointer. I can then read and write from the pointed-to memory using the usual assembly bracket syntax:
mov edi, 40; malloc's first (and only) parameter: number of bytes to allocate
extern malloc
call malloc
; on return, rax points to our newly-allocated memory
mov ecx,7; set up a constant
mov [rax],ecx; write it into memory
mov edx,[rax]; read it back from memory
mov eax,edx; copy into return value register
ret
您可以指定您想要一个而不是通过ecx寄存器进行复制 使用括号前面的"DWORD"进行32位内存写入和读取, 像这样:
Rather than copy via the ecx register, you can specify you want a 32-bit memory write and read using "DWORD" in front of the brackets, like this:
mov edi, 40; malloc's first (and only) parameter: number of bytes to allocate
extern malloc
call malloc
; on return, rax points to our newly-allocated memory
mov DWORD [rax],7; write constant into memory
mov eax,DWORD [rax]; read it back from memory
ret
以汇编语言表示的malloc.请参见此链接 malloc
for malloc in assembly language..see this link malloc
这篇关于_malloc在汇编中到底做什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!