#include <stdio.h>
// ResultName: prints a prompt, reads a line with gets() into a 30-byte stack
// array, and returns the address of that array.
// Two defects are visible in this listing:
//  - gets() takes no buffer length, so any input longer than 29 characters is
//    written past the end of `name` into the rest of the stack frame.
//    A bounded read such as fgets(name, sizeof name, stdin) avoids this.
//  - `name` is an automatic variable, so the returned pointer refers to a
//    stack frame that no longer exists once the function returns.
char* ResultName(void)
{
00E31080 push ebp
00E31081 mov ebp,esp
// 24h = 36 bytes of locals; presumably the 30-byte array, padding, and the
// cookie slot at [ebp-4].
00E31083 sub esp,24h
// /GS prologue: __security_cookie XOR ebp is saved at [ebp-4], directly below
// the saved ebp. The compiler emits this because the function has a local array.
00E31086 mov eax,dword ptr [__security_cookie (0E33000h)]
00E3108B xor eax,ebp
00E3108D mov dword ptr [ebp-4],eax
char name[30];
printf("What's your name? ");
00E31090 push 0E33078h
00E31095 call printf (0E31040h)
00E3109A add esp,4
// Only the buffer address is passed; gets() has no way to know it is 30 bytes.
gets(name);
00E3109D lea eax,[name]
00E310A0 push eax
00E310A1 call dword ptr [__imp__gets (0E320B8h)]
00E310A7 add esp,4
// eax (the return value) is the address of a local in this frame.
return name;
00E310AA lea eax,[name]
}
// /GS epilogue: the saved value is XORed with ebp again and handed to
// __security_check_cookie before `ret`. This detects an overwrite that reached
// [ebp-4]; it does not stop the out-of-bounds write itself.
00E310AD mov ecx,dword ptr [ebp-4]
00E310B0 xor ecx,ebp
00E310B2 call __security_check_cookie (0E310FEh)
00E310B7 mov esp,ebp
00E310B9 pop ebp
00E310BA ret
/////////////////////////////////////////////////////////////////////////////////////////
// main: calls ResultName() twice and prints each returned pointer as a string.
// Both pointers are addresses inside ResultName's stack frame, which is released
// before printf runs, so reading through them is undefined behavior.
int main(void)
{
00E310C0 push ebp
00E310C1 mov ebp,esp
00E310C3 sub esp,8
char* name1;
char* name2;
name1 = ResultName();
00E310C6 call ResultName (0E31080h)
00E310CB mov dword ptr [name1],eax
// The pushes and the printf call below reuse the stack below main's frame,
// presumably the same region ResultName's `name` occupied, so the bytes printed
// are not guaranteed to be what the user typed.
printf("name1 : %s\n", name1);
00E310CE mov eax,dword ptr [name1]
00E310D1 push eax
00E310D2 push 0E3306Ch
00E310D7 call printf (0E31040h)
00E310DC add esp,8
// Second call is made from the same stack depth; presumably it returns the same
// address as the first, so name1 and name2 would alias the same dead frame.
name2 = ResultName();
00E310DF call ResultName (0E31080h)
00E310E4 mov dword ptr [name2],eax
printf("name2 : %s\n", name2);
00E310E7 mov ecx,dword ptr [name2]
00E310EA push ecx
00E310EB push 0E33060h
00E310F0 call printf (0E31040h)
00E310F5 add esp,8
return 0;
00E310F8 xor eax,eax
}
00E310FA mov esp,ebp
00E310FC pop ebp
00E310FD ret
#include <stdio.h>
// File-scope buffer: it outlives every call, so returning its address is valid.
char name[30];
// ReadUserName: prints a prompt, reads a line with gets() into the global
// `name`, and returns the address of that global.
// Moving the buffer out of the stack fixes the lifetime problem only:
//  - gets() is still unbounded, so input longer than 29 characters overwrites
//    whatever follows `name` in the data section. Use
//    fgets(name, sizeof name, stdin) instead.
//  - No __security_cookie code appears in this function, so nothing in the
//    listing would detect such an overwrite.
//  - Every call returns the same address, so callers share one buffer.
char* ReadUserName(void)
{
00CA1080 push ebp
00CA1081 mov ebp,esp
printf("What's your name? ");
00CA1083 push 0CA3090h
00CA1088 call printf (0CA1040h)
00CA108D add esp,4
// The destination is the fixed address of the global; no size is passed.
gets(name);
00CA1090 push offset name (0CA3440h)
00CA1095 call dword ptr [__imp__gets (0CA20B8h)]
00CA109B add esp,4
// The return value is the constant address 0CA3440h on every call.
return name;
00CA109E mov eax,offset name (0CA3440h)
}
00CA10A3 pop ebp
00CA10A4 ret
//////////////////////////////////////////////////////////////////////////////////////////
// main: calls ReadUserName() twice, printing each result, then prints both
// pointers again.
// ReadUserName always returns the address of the same global buffer, so name1
// and name2 are aliases: the second read overwrites the first name, and the
// last two printf calls print the same text.
int main(void)
{
00CA10B0 push ebp
00CA10B1 mov ebp,esp
00CA10B3 sub esp,8
char* name1;
char* name2;
name1 = ReadUserName();
00CA10B6 call ReadUserName (0CA1080h)
00CA10BB mov dword ptr [name1],eax
printf("name1: %s\n", name1);
00CA10BE mov eax,dword ptr [name1]
00CA10C1 push eax
00CA10C2 push 0CA3084h
00CA10C7 call printf (0CA1040h)
00CA10CC add esp,8
// This call overwrites the buffer that name1 still points to.
name2 = ReadUserName();
00CA10CF call ReadUserName (0CA1080h)
00CA10D4 mov dword ptr [name2],eax
printf("name2: %s\n", name2);
00CA10D7 mov ecx,dword ptr [name2]
00CA10DA push ecx
00CA10DB push 0CA3078h
00CA10E0 call printf (0CA1040h)
00CA10E5 add esp,8
// From here on name1 shows the second input, because both pointers are equal.
printf("name1: %s\n", name1);
00CA10E8 mov edx,dword ptr [name1]
00CA10EB push edx
00CA10EC push 0CA306Ch
00CA10F1 call printf (0CA1040h)
00CA10F6 add esp,8
printf("name2: %s\n", name2);
00CA10F9 mov eax,dword ptr [name2]
00CA10FC push eax
00CA10FD push 0CA3060h
00CA1102 call printf (0CA1040h)
00CA1107 add esp,8
return 0;
00CA110A xor eax,eax
}
00CA110C mov esp,ebp
00CA110E pop ebp
00CA110F ret
#include <stdio.h>
#include <stdlib.h>
// main: allocates one int and an array of 7 ints on the heap, fills and prints
// them, then frees both blocks.
// NOTE(review): neither malloc() result is checked for NULL before it is
// dereferenced; a failed allocation would make the first store a null-pointer
// write. A check such as `if (ptr1 == NULL || ptr2 == NULL)` belongs before use.
int main(void)
{
002D1080 push ebp
002D1081 mov ebp,esp
002D1083 sub esp,0Ch
// Requested size is 4 bytes (push 4).
int* ptr1 = (int*)malloc(sizeof(int));
002D1086 push 4
002D1088 call dword ptr [__imp__malloc (02D204Ch)]
002D108E add esp,4
002D1091 mov dword ptr [ptr1],eax
// Requested size is 1Ch = 28 bytes, i.e. 7 * 4.
int* ptr2 = (int*)malloc(sizeof(int) * 7);
002D1094 push 1Ch
002D1096 call dword ptr [__imp__malloc (02D204Ch)]
002D109C add esp,4
002D109F mov dword ptr [ptr2],eax
int i;
// The store goes through eax with no preceding test of ptr1.
*ptr1 = 20;
002D10A2 mov eax,dword ptr [ptr1]
002D10A5 mov dword ptr [eax],14h
// The bound 7 matches the 7 elements allocated, so indices 0..6 stay in range.
for (i = 0; i < 7; i++)
002D10AB mov dword ptr [i],0
002D10B2 jmp main+3Dh (02D10BDh)
002D10B4 mov ecx,dword ptr [i]
002D10B7 add ecx,1
002D10BA mov dword ptr [i],ecx
002D10BD cmp dword ptr [i],7
002D10C1 jge main+54h (02D10D4h)
{
// Element address is ptr2 + i*4; no run-time bounds check exists, so the
// loop condition is the only thing keeping the write inside the block.
ptr2[i] = i + 1;
002D10C3 mov edx,dword ptr [i]
002D10C6 add edx,1
002D10C9 mov eax,dword ptr [i]
002D10CC mov ecx,dword ptr [ptr2]
002D10CF mov dword ptr [ecx+eax*4],edx
}
002D10D2 jmp main+34h (02D10B4h)
printf("%d\n", *ptr1);
002D10D4 mov edx,dword ptr [ptr1]
002D10D7 mov eax,dword ptr [edx]
002D10D9 push eax
002D10DA push 2D3064h
002D10DF call printf (02D1040h)
002D10E4 add esp,8
for (i = 0; i < 7; i++)
002D10E7 mov dword ptr [i],0
002D10EE jmp main+79h (02D10F9h)
002D10F0 mov ecx,dword ptr [i]
002D10F3 add ecx,1
002D10F6 mov dword ptr [i],ecx
002D10F9 cmp dword ptr [i],7
002D10FD jge main+98h (02D1118h)
{
printf("%d ", ptr2[i]);
002D10FF mov edx,dword ptr [i]
002D1102 mov eax,dword ptr [ptr2]
002D1105 mov ecx,dword ptr [eax+edx*4]
002D1108 push ecx
002D1109 push 2D3060h
002D110E call printf (02D1040h)
002D1113 add esp,8
}
002D1116 jmp main+70h (02D10F0h)
// Each block is freed exactly once and neither pointer is used afterwards.
free(ptr1);
002D1118 mov edx,dword ptr [ptr1]
002D111B push edx
002D111C call dword ptr [__imp__free (02D2050h)]
002D1122 add esp,4
free(ptr2);
002D1125 mov eax,dword ptr [ptr2]
002D1128 push eax
002D1129 call dword ptr [__imp__free (02D2050h)]
002D112F add esp,4
return 0;
002D1132 xor eax,eax
}
002D1134 mov esp,ebp
002D1136 pop ebp
002D1137 ret
* __imp__malloc → __malloc_base → __imp__HeapAlloc
; malloc entry: sets up and tears down a frame, then tail-jumps to __malloc_base.
7629F690 mov edi,edi
7629F692 push ebp
7629F693 mov ebp,esp
7629F695 pop ebp
7629F696 jmp __malloc_base (7629F6B0h)
; __malloc_base: validates the requested size and forwards it to HeapAlloc.
; This is an excerpt; the addresses jump from 7629F6DA to 7629F7ED, so the
; failure and oversize paths are not shown.
7629F6B0 mov edi,edi
7629F6B2 push ebp
7629F6B3 mov ebp,esp
7629F6B5 push ebx
7629F6B6 push esi
; esi = the size argument.
7629F6B7 mov esi,dword ptr [ebp+8]
7629F6BA push edi
; Upper-bound check: a size above 0FFFFFFE0h (unsigned compare) branches to
; +68h, which is outside this excerpt; presumably the failure path.
7629F6BB cmp esi,0FFFFFFE0h
7629F6BE ja __malloc_base+68h (7629F718h)
; A zero-byte request is replaced by a 1-byte request.
7629F6C0 test esi,esi
7629F6C2 jne __malloc_base+19h (7629F6C9h)
7629F6C4 mov esi,1
; HeapAlloc(___acrt_heap, 0, size): arguments are pushed right to left.
7629F6C9 push esi
7629F6CA push 0
7629F6CC push dword ptr [___acrt_heap (763752CCh)]
7629F6D2 call dword ptr [__imp__HeapAlloc@12 (76376100h)]
; A non-NULL result goes straight to the epilogue and is returned in eax.
; The NULL case falls through to code not included here.
7629F6D8 test eax,eax
7629F6DA jne __malloc_base+13Dh (7629F7EDh)
7629F7ED pop edi
7629F7EE pop esi
7629F7EF pop ebx
7629F7F0 pop ebp
7629F7F1 ret
* ntdll.dll!RtlAllocateHeap(void)
; RtlAllocateHeap: checks its first argument, then calls
; _RtlpAllocateHeapInternal@16. `ret 0Ch` pops 12 bytes, i.e. three stack
; arguments (heap handle, flags, size in the documented signature).
7745C640 mov edi,edi
7745C642 push ebp
7745C643 mov ebp,esp
7745C645 and esp,0FFFFFFF8h
7745C648 push ecx
7745C649 push esi
; esi = first argument; a zero value branches to a handler outside this listing.
7745C64A mov esi,dword ptr [ebp+8]
7745C64D test esi,esi
7745C64F je _RtlCaptureStackContext@12+0B2BDh (774B570Dh)
; The dword at [handle+8] is compared with 0DDEEDDEEh; presumably a heap-type
; signature that selects a different allocator. The branch target is not shown.
7745C655 cmp dword ptr [esi+8],0DDEEDDEEh
7745C65C mov ecx,esi
7745C65E mov edx,dword ptr [ebp+10h]
7745C661 je _RtlCaptureStackContext@12+0B2D4h (774B5724h)
; Bit 2 of a global feature byte is tested; its meaning is not visible here.
7745C667 test byte ptr [_RtlpHpHeapFeatures (7753F230h)],2
7745C66E jne _RtlCaptureStackContext@12+0B2E1h (774B5731h)
; Default path: ecx (handle) and edx (third argument) were loaded above,
; presumably as register arguments, plus two pushed values: 0 and the second argument.
7745C674 push 0
7745C676 push dword ptr [ebp+0Ch]
7745C679 call _RtlpAllocateHeapInternal@16 (7745C690h)
7745C67E pop esi
7745C67F mov esp,ebp
7745C681 pop ebp
7745C682 ret 0Ch
// main: calls ReadUserName() twice, prints both results twice, then passes both
// pointers to free().
// NOTE(review): the ReadUserName used by this listing is not shown. The free()
// calls are only valid if every call returns its own malloc'd block. If it
// returned the same pointer twice, or the address of a global or stack buffer,
// the two free() calls would be a double free or a free of non-heap memory.
// Confirm against the callee. The results are also used without a NULL check.
int main(void)
{
007110C0 push ebp
007110C1 mov ebp,esp
007110C3 sub esp,8
char* name1;
char* name2;
name1 = ReadUserName();
007110C6 call ReadUserName (0711080h)
007110CB mov dword ptr [name1],eax
printf("name1 : %s\n", name1);
007110CE mov eax,dword ptr [name1]
007110D1 push eax
007110D2 push 713084h
007110D7 call printf (0711040h)
007110DC add esp,8
name2 = ReadUserName();
007110DF call ReadUserName (0711080h)
007110E4 mov dword ptr [name2],eax
printf("name2 : %s\n", name2);
007110E7 mov ecx,dword ptr [name2]
007110EA push ecx
007110EB push 713078h
007110F0 call printf (0711040h)
007110F5 add esp,8
// Printing both again shows whether the second read disturbed the first buffer.
printf("name1: %s\n", name1);
007110F8 mov edx,dword ptr [name1]
007110FB push edx
007110FC push 71306Ch
00711101 call printf (0711040h)
00711106 add esp,8
printf("name2: %s\n", name2);
00711109 mov eax,dword ptr [name2]
0071110C push eax
0071110D push 713060h
00711112 call printf (0711040h)
00711117 add esp,8
// Ownership of both blocks is with the caller; each pointer is freed once and
// not used again before return.
free(name1);
0071111A mov ecx,dword ptr [name1]
0071111D push ecx
0071111E call dword ptr [__imp__free (0712048h)]
00711124 add esp,4
free(name2);
00711127 mov edx,dword ptr [name2]
0071112A push edx
0071112B call dword ptr [__imp__free (0712048h)]
00711131 add esp,4
return 0;
00711134 xor eax,eax
}
00711136 mov esp,ebp
00711138 pop ebp
00711139 ret