滴水逆向-结构体
作者:互联网
相关测试代码
结构体的定义与使用

```cpp
struct st //struct是一个关键字 st是用户自己定义的一个名字
{
    //可以定义多种类型
    int a;
    char b;
    short c;
};
```

结构体的使用

```cpp
void Function(person p)
{
    st s;
    s.a = 10;
    s.b = 20;
    s.c = 30;
}
```

练习测试

```cpp
#include "stdafx.h"

struct st
{
    char a;
    short b;
    int c;
};

struct st1
{
    int a;
    int b;
};

struct st2
{
    short a;
    short b;
};

struct st3
{
    char a;
    char b;
};

struct st4
{
    char a4;
    short b4;
    int c4;
    int arr4[10];
    st1 d4;
};

void fun(){
    st cntf;
    st1 cntf1;
    st2 cntf2;
    st3 cntf3;
    st4 cntf4;

    cntf.a = 10;
    cntf.b = 12;
    cntf.c = 14;

    cntf1.a = 8;
    cntf1.b = 10;

    cntf2.a = 13;
    cntf2.b = 15;

    cntf3.a = 1;
    cntf3.b = 2;

    cntf4.a4 = 6;
    cntf4.arr4[2] = 76;
    cntf4.b4 = 5;
    cntf4.c4 = 88;
    cntf4.d4.a = 90;

    printf("%d %d %d \n",cntf.a,cntf.b,cntf.c);
}

int main(int argc, char* argv[])
{
    fun();
    return 0;
}
```

说明:结构体在定义的时候,除了自身以外,可以使用任何类型。

```cpp
struct st1
{
    int a;
    int b;
};

struct st2
{
    char a;
    short b;
    int arr[10];
    st1 s;
};

void Funtion()
{
    st2 s2;

    s2.a = 'A';
    s2.b = 12;
    s2.arr[0] = 1;
    s2.arr[1] = 2;
    s2.arr[3] = 3;
    s2.s.a = 100;
    s2.s.b = 200;

    printf("%d\n",s2.s.a);
}
```

结构体作为参数的时候,从下面练习测试代码的反汇编结果可以知道:按值传递结构体,底层实际是在做内存的复制,非常消耗内存。

练习测试代码

```cpp
#include "stdafx.h"

struct st
{
    char a;
    short b;
    int c;
};

struct st1
{
    int a;
    int b;
};

struct st2
{
    short a;
    short b;
};

struct st3
{
    char a;
    char b;
};

struct st4
{
    char a4;
    short b4;
    int c4;
    int arr4[10];
    st1 d4;
};

void fun(st4 ct4){
    st cntf;
    st1 cntf1;
    st2 cntf2;
    st3 cntf3;
    st4 cntf4;

    cntf.a = 10;
    cntf.b = 12;
    cntf.c = 14;

    cntf1.a = 8;
    cntf1.b = 10;

    cntf2.a = 13;
    cntf2.b = 15;

    cntf3.a = 1;
    cntf3.b = 2;

    cntf4.a4 = 6;
    cntf4.arr4[2] = 76;
    cntf4.b4 = 5;
    cntf4.c4 = 88;
    cntf4.d4.a = 90;

    printf("%d %d %d \n",cntf.a,cntf.b,cntf.c);
}

int main(int argc, char* argv[])
{
    st4 ct4;

    ct4.a4 = 88;
    ct4.arr4[6] = 98;
    ct4.b4 = 65;
    ct4.c4 = 76;
    ct4.d4.a = 90;

    fun(ct4);
    return 0;
}
```

反汇编代码

```asm
74:   {
0040B8E0   push        ebp
0040B8E1   mov         ebp,esp
0040B8E3   sub         esp,78h
0040B8E6   push        ebx
0040B8E7   push        esi
0040B8E8   push        edi
0040B8E9   lea         edi,[ebp-78h]
0040B8EC   mov         ecx,1Eh
0040B8F1   mov         eax,0CCCCCCCCh
0040B8F6   rep stos    dword ptr [edi]
75:       st4 ct4;
76:       ct4.a4 = 88;
0040B8F8   mov         byte ptr [ebp-38h],58h
77:       ct4.arr4[6] = 98;
0040B8FC   mov         dword ptr [ebp-18h],62h
78:       ct4.b4 = 65;
0040B903   mov         word ptr [ebp-36h],offset main+27h (0040b907)
79:       ct4.c4 = 76;
0040B909   mov         dword ptr [ebp-34h],4Ch
80:       ct4.d4.a = 90;
0040B910   mov         dword ptr [ebp-8],5Ah
81:       fun(ct4);
0040B917   sub         esp,38h
0040B91A   mov         ecx,0Eh
0040B91F   lea         esi,[ebp-38h]
0040B922   mov         edi,esp
0040B924   rep movs    dword ptr [edi],dword ptr [esi]
0040B926   call        @ILT+115(fun) (00401078)
0040B92B   add         esp,38h
```

注:sub esp,38h 先在栈上预留 38h(56)字节,rep movs 再以 ecx=0Eh(14 个 dword,正好 56 字节)把 ct4 从 [ebp-38h] 整块复制过去,然后才调用 fun。ct4 只有部分成员被赋值,其余字节(包括对齐填充)也会原样被复制;在这个调试版本里它们是函数入口处 rep stos 填入的 0CCCCCCCCh。

注:78 行的 offset main+27h (0040b907) 看起来是反汇编器对 16 位立即数的显示问题(0040b907 恰好是该指令地址 0040B903 加 4),实际写入的值应是源码中的 65(41h)。后面 fun 中 cntf4.b4 = 5 对应的 offset fun+60h 也是同样的情况。

结构体作为返回值

```cpp
struct st
{
    char a;
    short b;
    int c;
    int d;
    int e;
};

st Function()
{
    st s;

    s.a = 1;
    s.b = 2;
    s.c = 3;
    s.d = 4;
    s.e = 5;

    return s;
};

int main(int argc, char* argv[])
{
    st s = Function();
    return 0;
}
```

练习测试代码

```cpp
#include "stdafx.h"

struct st
{
    char a;
    short b;
    int c;
};

struct st1
{
    int a;
    int b;
};

struct st2
{
    short a;
    short b;
};

struct st3
{
    char a;
    char b;
};

struct st4
{
    char a4;
    short b4;
    int c4;
    int arr4[10];
    st1 d4;
};

st4 fun(){
    st cntf;
    st1 cntf1;
    st2 cntf2;
    st3 cntf3;
    st4 cntf4;

    cntf.a = 10;
    cntf.b = 12;
    cntf.c = 14;

    cntf1.a = 8;
    cntf1.b = 10;

    cntf2.a = 13;
    cntf2.b = 15;

    cntf3.a = 1;
    cntf3.b = 2;

    cntf4.a4 = 6;
    cntf4.arr4[2] = 76;
    cntf4.b4 = 5;
    cntf4.c4 = 88;
    cntf4.d4.a = 90;

    //printf("%d %d %d \n",cntf.a,cntf.b,cntf.c);
    return cntf4;
}

int main(int argc, char* argv[])
{
    st4 cntf4 = fun();
    return 0;
}
```

对应反汇编代码

```asm
63:       cntf4.a4 = 6;
0040B9D1   mov         byte ptr [ebp-50h],6
64:       cntf4.arr4[2] = 76;
0040B9D5   mov         dword ptr [ebp-40h],4Ch
65:       cntf4.b4 = 5;
0040B9DC   mov         word ptr [ebp-4Eh],offset fun+60h (0040b9e0)
66:       cntf4.c4 = 88;
0040B9E2   mov         dword ptr [ebp-4Ch],58h
67:       cntf4.d4.a = 90;
0040B9E9   mov         dword ptr [ebp-20h],5Ah
68:
69:       //printf("%d %d %d \n",cntf.a,cntf.b,cntf.c);
70:       return cntf4;
0040B9F0   mov         ecx,0Eh
0040B9F5   lea         esi,[ebp-50h]
0040B9F8   mov         edi,dword ptr [ebp+8]
0040B9FB   rep movs    dword ptr [edi],dword ptr [esi]
0040B9FD   mov         eax,dword ptr [ebp+8]
71:   }
```

注:fun 在源码中没有参数,但这里从 [ebp+8] 取出了一个地址,应是调用方隐式传入的返回值缓冲区指针;rep movs 把 cntf4 的 14 个 dword 整块复制到该地址,eax 返回的也是这个地址。

sizeof的使用

```cpp
char a = 10;
short b = 20;
int c = 30;

char arr1[10] = {0};
short arr2[10] = {0};
int arr3[10] = {0};

printf("%d\n",sizeof(a));
printf("%d\n",sizeof(b));
printf("%d\n",sizeof(c));
printf("%d\n",sizeof(arr1));
printf("%d\n",sizeof(arr2));
printf("%d\n",sizeof(arr3));

struct st1
{
    char a;
    short b;
    int c;
};

struct st2
{
    char a;
    int c;
    short b;
};

int main(int argc, char* argv[])
{
    st1 s1;
    st2 s2;

    printf("%d\n",sizeof(s1));
    printf("%d\n",sizeof(s2));

    return 0;
}
```

注:st1 和 st2 的成员相同,只是顺序不同;由于对齐填充,两者的 sizeof 结果可能不同(默认对齐下通常分别为 8 和 12,以实际编译结果为准)。
标签:逆向,short,struct,cntf,int,滴水,char,cntf4,结构 来源: https://www.cnblogs.com/autopwn/p/15124238.html