Analysis of new[] and delete[] in VS2013

Source: Internet
Author: User

Compilation mode: Debug
Compiler environment: Microsoft Visual Studio Ultimate 2013 (12.0.30501.00) Update 2
////////////////////////////////////////////////////////////////////////////////
I. new[]:
C++ code:
int *lpnum = new int[16];

Assembly code:
push 0x40                                 ; size of the space new[] requests (16 * sizeof(int) = 0x40)
call XXXXXXXX                             ; call operator new
add esp, 0x4                              ; __cdecl: the caller removes the argument
mov dword ptr ss:[ebp-0xD4], eax          ; store the return value (address of the requested space) in a temporary (presumably compiler-generated)
mov eax, dword ptr ss:[ebp-0xD4]          ; reload the address from the temporary
mov dword ptr ss:[ebp-0x8], eax           ; assign it to the pointer variable lpnum

Let's take a look at what operator new does:

push ebp                                  ; void *operator new(int nSize)
mov ebp, esp                              ; [ebp+0x8] = nSize on the stack
sub esp, 0x10
mov eax, dword ptr ss:[ebp+0x8]           ; load nSize
push eax                                  ; push nSize
call malloc                               ; call malloc
add esp, 0x4                              ; __cdecl
mov dword ptr ss:[ebp-0x4], eax           ; save the address returned by malloc
cmp dword ptr ss:[ebp-0x4], 0x0           ; return value == NULL?
jnz short msvcr120116fb0c2a3              ; not NULL: go return it
mov ecx, dword ptr ss:[ebp+0x8]           ; size
push ecx                                  ; push size
call _callnewh                            ; _callnewh(size)
add esp, 0x4                              ; __cdecl
test eax, eax                             ; did _callnewh return 0 (no handler could run)?
jnz short msvcr120116fb0c2a1              ; a handler ran: retry malloc
lea ecx, dword ptr ss:[ebp-0x10]
call bad_alloc                            ; construct a bad_alloc object
push msvcr120108fb753d8
lea edx, dword ptr ss:[ebp-0x10]
push edx
call _CxxThrowException                   ; throw it
jmp short msvcr120116fb0c266
mov eax, dword ptr ss:[ebp-0x4]           ; not NULL: return value in eax, back to the caller
mov esp, ebp
pop ebp
retn

Because the implementation source cannot be viewed in VS2013, the following is my own guess. If I have made any mistakes, please kindly advise:

/* Reconstruction of the CRT's operator new; _THROW1, _RAISE and _callnewh are CRT-internal macros/functions, so this only builds inside the CRT sources. */
void *__cdecl operator new(unsigned int nSize) _THROW1(_STD bad_alloc)
{
    void *lpBuf;
    /* keep retrying malloc while a new-handler is able to run */
    while ((lpBuf = malloc(nSize)) == NULL)
    {
        /* _callnewh returns 0 when no handler is installed: give up and throw */
        if (_callnewh(nSize) == 0)
        {
            static const std::bad_alloc nomem;
            _RAISE(nomem);
        }
    }
    return lpBuf;
}
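To see the retry loop of that reconstruction behave on real input, here is an added C++ example (not code from the page or from the CRT). It replaces the CRT heap with a constructed arena whose byte budget can be exhausted, and models `_callnewh()` with `std::get_new_handler()`/`std::set_new_handler()`, the standard interface to the handler that `_callnewh()` consults (`std::set_new_handler` wraps `_set_new_handler` in the MSVC CRT). The names `sim_malloc`, `callnewh_model`, `operator_new_model` and `release_reserve_handler` are assumptions made for the demo. It also shows the case the loop structure makes important: a handler that cannot free anything must uninstall itself, or `operator new` never terminates.

```cpp
#include <cstddef>
#include <new>

// Constructed stand-in for the CRT heap: a fixed arena plus a byte "budget"
// that can be exhausted on purpose so that malloc-like calls fail.
static unsigned char g_arena[256];
static std::size_t   g_used          = 0;
static std::size_t   g_budget        = 0;   // bytes the simulated heap may hand out
static std::size_t   g_reserve       = 0;   // bytes an emergency handler can release
static int           g_handler_calls = 0;

static void* sim_malloc(std::size_t n) {
    if (n > g_budget || g_used + n > sizeof g_arena) return nullptr;
    void* p = g_arena + g_used;
    g_used   += n;
    g_budget -= n;
    return p;
}

// Model of _callnewh(): returns 0 when no new-handler is installed, otherwise
// runs the handler and returns 1 so that operator new retries the allocation.
static int callnewh_model() {
    std::new_handler h = std::get_new_handler();
    if (h == nullptr) return 0;
    h();
    return 1;
}

// The loop reconstructed above: keep calling malloc while a handler can help;
// throw bad_alloc only once no handler is left.
static void* operator_new_model(std::size_t n) {
    void* p;
    while ((p = sim_malloc(n)) == nullptr) {
        if (callnewh_model() == 0) throw std::bad_alloc();
    }
    return p;
}

// Example handler: release the reserve to the heap once. If there is nothing
// left to release it must uninstall itself, otherwise operator new would spin
// forever (the handler is called again after every failed malloc).
static void release_reserve_handler() {
    ++g_handler_calls;
    if (g_reserve == 0) {
        std::set_new_handler(nullptr);
        return;
    }
    g_budget += g_reserve;
    g_reserve = 0;
}

static void reset_heap(std::size_t budget, std::size_t reserve) {
    g_used = 0; g_budget = budget; g_reserve = reserve; g_handler_calls = 0;
    std::set_new_handler(nullptr);
}

// Returns 1 when the allocation succeeded, 0 when bad_alloc was thrown.
static int try_allocate(std::size_t n) {
    try {
        return operator_new_model(n) != nullptr ? 1 : 0;
    } catch (const std::bad_alloc&) {
        return 0;
    }
}

// No handler, empty heap: the first failed malloc throws.             -> 0
int scenario_no_handler() {
    reset_heap(0, 64);
    return try_allocate(16);
}

// Handler releases 64 bytes of reserve, the retry succeeds.           -> 1
int scenario_handler_releases_reserve() {
    reset_heap(0, 64);
    std::set_new_handler(release_reserve_handler);
    int r = try_allocate(16);
    std::set_new_handler(nullptr);
    return r;
}

// Handler has nothing to give: it uninstalls itself, the next _callnewh
// returns 0 and bad_alloc is thrown after exactly one handler call.  -> 0
int scenario_handler_exhausted() {
    reset_heap(0, 0);
    std::set_new_handler(release_reserve_handler);
    return try_allocate(16);
}

int handler_calls() { return g_handler_calls; }
```

The `jnz` back to the `malloc` call in the listing is what makes the self-uninstalling handler necessary: nothing in `operator new` itself counts attempts, so termination is entirely the handler's responsibility.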

II. delete[]:
C++ code:
int *lpnum = new int[16];
delete lpnum;

Assembly code:
mov eax, dword ptr ss:[ebp-0x8]           ; load the lpnum address from the variable
mov dword ptr ss:[ebp-0xD4], eax          ; store it in the temporary [ebp-0xD4]
mov ecx, dword ptr ss:[ebp-0xD4]          ; reload the address from the temporary
push ecx                                  ; push the argument
call newdelet51113011db                   ; call operator delete
add esp, 0x4                              ; __cdecl calling convention
cmp dword ptr ss:[ebp-0xD4], 0x0          ; is the address held in the temporary [ebp-0xD4] NULL?
jnz short newdelet1_1301a54
mov dword ptr ss:[ebp-0xE8], 0x0          ; if it is NULL, store NULL in the temporary [ebp-0xE8]
jmp short newdelet5111301a64
mov dword ptr ss:[ebp-0x8], 0x8123        ; store the value 0x8123 in lpnum
mov edx, dword ptr ss:[ebp-0x8]           ; reload the value from lpnum
mov dword ptr ss:[ebp-0xE8], edx          ; the temporary [ebp-0xE8] now holds 0x8123

Let's take a look at what operator delete does:

push ebp                                  ; void __cdecl operator delete(void *pBuf)
mov ebp, esp                              ; [ebp+0x8] = pBuf on the stack
push -0x2                                 ; SEH frame setup: try level, scope table, handler
push msvcr120.52499400
push msvcr120.5243fef0
mov eax, dword ptr fs:[0]
push eax
add esp, -0xC
push ebx
push esi
push edi
mov eax, dword ptr ds:[0x524a8100]        ; security cookie
xor dword ptr ss:[ebp-0x8], eax
xor eax, ebp
push eax
lea eax, dword ptr ss:[ebp-0x10]
mov dword ptr fs:[0], eax                 ; install the SEH frame
cmp dword ptr ss:[ebp+0x8], 0x0           ; pBuf == NULL?
jnz short msvcr120.5243a9cb
jmp msvcr120.5243aa68                     ; NULL: jump to the end of the function (return)
push 0x4                                  ; 4 (the CRT heap lock)
call msvcr120._lock                       ; _lock(4)
add esp, 0x4                              ; __cdecl calling convention
mov dword ptr ss:[ebp-0x4], 0x0
mov eax, dword ptr ss:[ebp+0x8]           ; pBuf - 0x20
sub eax, 0x20
mov dword ptr ss:[ebp-0x1C], eax          ; temporary [ebp-0x1C] = pBuf - 0x20
mov ecx, dword ptr ss:[ebp-0x1C]          ; reload the adjusted pointer
mov edx, dword ptr ds:[ecx+0x14]          ; the access at +0x14 shows that [ebp-0x1C] points to a struct; this field is what gets tested below
and edx, 0xFFFF
cmp edx, 0x4                              ; ([[ebp-0x1C]+0x14] & 0xFFFF) != 4
je short msvcr120.5243aa3c
mov eax, dword ptr ss:[ebp-0x1C]
cmp dword ptr ds:[eax+0x14], 0x1          ; [[ebp-0x1C]+0x14] != 0x1
je short msvcr120.5243aa3c
mov ecx, dword ptr ss:[ebp-0x1C]
mov edx, dword ptr ds:[ecx+0x14]
and edx, 0xFFFF                           ; ([[ebp-0x1C]+0x14] & 0xFFFF) != 0x2
cmp edx, 0x2
je short msvcr120.5243aa3c
mov eax, dword ptr ss:[ebp-0x1C]
cmp dword ptr ds:[eax+0x14], 0x3          ; [[ebp-0x1C]+0x14] != 0x3
je short msvcr120.5243aa3c
push msvcr120.52321bf8                    ; Unicode "_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)"
push msvcr120.5230127c                    ; Unicode "%s"
push 0x0                                  ; NULL
push 0x34                                 ; __LINE__
push msvcr120.52321c48                    ; __FILE__
push 0x2
call msvcr120._CrtDbgReportW              ; _CrtDbgReportW(0x2, __FILE__, 0x34, 0x0, "%s", "_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)")
add esp, 0x18                             ; __cdecl calling convention
cmp eax, 0x1                              ; if (_CrtDbgReportW(...) == 1)
jnz short msvcr120.5243aa3c
int3
mov edx, dword ptr ss:[ebp-0x1C]
mov eax, dword ptr ds:[edx+0x14]
push eax                                  ; push [[ebp-0x1C]+0x14]
mov ecx, dword ptr ss:[ebp+0x8]
push ecx                                  ; push pBuf
call msvcr120._free_dbg                   ; _free_dbg(pBuf, [[ebp-0x1C]+0x14])
add esp, 0x8                              ; __cdecl calling convention
mov dword ptr ss:[ebp-0x4], -0x2
call msvcr120.5243aa5d                    ; call the _unlock stub below
jmp short msvcr120.5243aa68
push 0x4
call msvcr120._unlock                     ; _unlock(4)
add esp, 0x4                              ; __cdecl calling convention
retn
mov ecx, dword ptr ss:[ebp-0x10]          ; function epilogue: restore the previous SEH frame
mov dword ptr fs:[0], ecx
pop ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn

Because the implementation source cannot be viewed in VS2013, the following is my own guess. If I have made any mistakes, please kindly advise:

/* Reconstruction of the debug CRT's operator delete; _CrtMemBlockHeader, _lock, _unlock and _free_dbg are CRT-internal, so this only builds inside the CRT sources. */
void __cdecl operator delete(void *pBuf)
{
    _CrtMemBlockHeader *pHead;

    if (pBuf == NULL)
    {
        return;
    }

    _lock(4);                                   /* the CRT heap lock */

    /* the header sits 0x20 bytes (one _CrtMemBlockHeader on x86) before the user block */
    pHead = (_CrtMemBlockHeader *)((char *)pBuf - 0x20);

    /* the listing jumps straight to _free_dbg when the block type is valid;
       only an invalid type reaches _CrtDbgReportW and the int3 */
    if (!((pHead->nBlockUse & 0xFFFF) == 4
          || pHead->nBlockUse == 1
          || (pHead->nBlockUse & 0xFFFF) == 2
          || pHead->nBlockUse == 3)
        && 1 == _CrtDbgReportW(0x2, __FILEW__, 0x34, NULL,
                                L"%s", L"_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)"))
    {
        __asm
        {
            int 3
        }
    }

    _free_dbg(pBuf, pHead->nBlockUse);
    _unlock(4);
    return;
}

int _CrtDbgReport(int reportType, const char *filename, int linenumber, const char *moduleName, const char *format [, argument] ...);
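The header check is the part of this listing worth reproducing, so here is an added C++ example (not code from the page or from the CRT) that models it end to end: a block header placed directly before the user pointer (the `pBuf - 0x20` step), the four comparisons the listing makes on the field at `+0x14`, including the `and edx, 0xFFFF` masking that applies only to two of them, and what a delete sees when the header has been freed already or overwritten. The struct `DbgHeader`, the arena allocator `dbg_new`/`dbg_delete` and the `DeleteResult` codes are constructed for the demo; the block-use values 0 to 4 are the CRT's `_FREE_BLOCK`, `_NORMAL_BLOCK`, `_CRT_BLOCK`, `_IGNORE_BLOCK` and `_CLIENT_BLOCK`. Where the CRT would call `_CrtDbgReportW` and hit `int3`, the model returns a result code instead.

```cpp
#include <cstddef>
#include <cstring>

// Block-use values the debug CRT stores in nBlockUse.
enum BlockUse { FREE_BLOCK = 0, NORMAL_BLOCK = 1, CRT_BLOCK = 2, IGNORE_BLOCK = 3, CLIENT_BLOCK = 4 };

// The four comparisons the listing makes on [header+0x14]: CLIENT and CRT blocks
// are matched on the low 16 bits only (the "and edx, 0xFFFF"), because the upper
// 16 bits carry a user subtype; NORMAL and IGNORE blocks must match exactly.
static int block_type(int use) { return use & 0xFFFF; }
static bool block_type_is_valid(int use) {
    return block_type(use) == CLIENT_BLOCK
        || use == NORMAL_BLOCK
        || block_type(use) == CRT_BLOCK
        || use == IGNORE_BLOCK;
}

// Constructed model of the header that precedes every debug-heap block. The
// field comments give the 32-bit offsets matching the listing (nBlockUse at
// +0x14, 0x20 bytes in total); a 64-bit build makes the struct larger, which is
// why the code below uses sizeof rather than a hard-coded 0x20.
struct DbgHeader {
    DbgHeader*    next;        // +0x00
    DbgHeader*    prev;        // +0x04
    const char*   file;        // +0x08 allocation site
    int           line;        // +0x0C
    std::size_t   data_size;   // +0x10 size requested by the caller
    int           block_use;   // +0x14 nBlockUse, the field operator delete validates
    long          request;     // +0x18 allocation sequence number
    unsigned char gap[4];      // +0x1C guard bytes in front of the user data
};

// A bump allocator over a static arena stands in for the CRT heap. Freed blocks
// are never reused here, so reading a header after "free" stays well defined
// and the double-delete case below is deterministic.
alignas(16) static unsigned char g_arena[4096];
static std::size_t g_arena_used = 0;

static void* dbg_new(std::size_t n, int use) {
    std::size_t total = (sizeof(DbgHeader) + n + 15) & ~static_cast<std::size_t>(15);
    if (g_arena_used + total > sizeof g_arena) return nullptr;
    DbgHeader* h = reinterpret_cast<DbgHeader*>(g_arena + g_arena_used);
    g_arena_used += total;
    std::memset(h, 0, sizeof *h);
    h->data_size = n;
    h->block_use = use;
    return h + 1;                       // the user pointer starts right after the header
}

// What the model's delete decides instead of calling _CrtDbgReportW / int3.
enum DeleteResult { DELETE_OK = 0, DELETE_NULL = 1, DELETE_BAD_HEADER = 2 };

static DeleteResult dbg_delete(void* pbuf) {
    if (pbuf == nullptr) return DELETE_NULL;                   // the early "cmp [ebp+8], 0" exit
    DbgHeader* h = static_cast<DbgHeader*>(pbuf) - 1;          // pbuf - sizeof(header): the "sub eax, 0x20"
    if (!block_type_is_valid(h->block_use)) return DELETE_BAD_HEADER;  // where the CRT reports and breaks
    h->block_use = FREE_BLOCK;                                 // mark freed so a second delete is caught
    return DELETE_OK;                                          // the CRT would now call _free_dbg
}

// A well-formed block passes.                                          -> DELETE_OK
int demo_valid_delete() { return dbg_delete(dbg_new(64, NORMAL_BLOCK)); }
// NULL is accepted silently.                                           -> DELETE_NULL
int demo_null_delete() { return dbg_delete(nullptr); }
// A second delete finds FREE_BLOCK in the header.                      -> DELETE_BAD_HEADER
int demo_double_delete() {
    void* p = dbg_new(16, NORMAL_BLOCK);
    dbg_delete(p);
    return dbg_delete(p);
}
// A client subtype in the upper 16 bits is masked off and accepted.    -> DELETE_OK
int demo_client_subtype() { return dbg_delete(dbg_new(16, CLIENT_BLOCK | (7 << 16))); }
// The same bits on a NORMAL block are not masked and are rejected.     -> DELETE_BAD_HEADER
int demo_normal_with_stray_bits() { return dbg_delete(dbg_new(16, NORMAL_BLOCK | (7 << 16))); }
// A write that runs below the user buffer into the header is caught.   -> DELETE_BAD_HEADER
int demo_header_overwrite() {
    void* p = dbg_new(16, NORMAL_BLOCK);
    std::memset(static_cast<unsigned char*>(p) - sizeof(DbgHeader), 0x41, sizeof(DbgHeader));
    return dbg_delete(p);
}
```

The two masked comparisons explain the otherwise odd pairing in the listing: `_CLIENT_BLOCK` and `_CRT_BLOCK` may carry a subtype in the high word, so only the low word is compared, while `_NORMAL_BLOCK` and `_IGNORE_BLOCK` are compared whole. That is also why the model rejects `NORMAL_BLOCK | (7 << 16)` but accepts `CLIENT_BLOCK | (7 << 16)`.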
