The const analysis of CPP Disassembly

Source: Internet
Author: User

Let's start by analyzing a simple example. (Note: the code itself is deliberately error-prone.)

The code is very simple

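#include <iostream>

// Demonstration program: a const local is written through a pointer that
// casts away const. Writing to an object that was defined const is undefined
// behaviour in C++; the disassembly that follows documents what one compiler
// happened to produce for it, not anything the language guarantees.
int main() {
    const int a = 1;
    // Same operation as the original listing's C-style `(int*) &a`, written
    // with the named cast so the intent (dropping const) is visible.
    int* b = const_cast<int*>(&a);
    *b = 2;  // undefined behaviour: `a` was defined const
    // Observed with this compiler: `a` is emitted as the immediate 1 (see
    // `push 1` in the disassembly) while `*b` is loaded from memory, so the
    // program printed 1 and then 2.
    std::cout << a << std::endl << *b << std::endl;
    return 0;
}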

The key points of the disassembly analysis are given as comments inline.

1: #include <iostream>
2: #include <cstdio>
3: using namespace std;
4: int main () {
00401560 push ebp
00401561 mov ebp,esp
00401563 sub esp,48h
00401566 push ebx
00401567 push esi
00401568 push edi
00401569 lea edi,[ebp-48h]
0040156C mov ecx,12h
00401571 mov eax,0CCCCCCCCh
00401576 rep stos dword ptr [edi]        ; debug build fills the frame with 0xCC
5: const int a = 1;
00401578 mov dword ptr [ebp-4],1
6: int* b = (int*) &a;
0040157F lea eax,[ebp-4]
00401582 mov dword ptr [ebp-8],eax
7: *b = 2;
00401585 mov ecx,dword ptr [ebp-8]       ; ecx is the value of pointer b
00401588 mov dword ptr [ecx],2
8: cout << a << endl << *b << endl;
0040158E push offset @ILT+195(std::endl) (004010c8)
00401593 mov edx,dword ptr [ebp-8]
00401596 mov eax,dword ptr [edx]
00401598 push eax                        ; *b is loaded from memory into eax and pushed
00401599 push offset @ILT+195(std::endl) (004010c8)
0040159E push 1                          ; a is pushed as the immediate constant 1
004015A0 mov ecx,offset std::cout (0047be90)
004015A5 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
004015AA mov ecx,eax
004015AC call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
004015B1 mov ecx,eax
004015B3 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
004015B8 mov ecx,eax
004015BA call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
9: return 0;
004015BF xor eax,eax
10: }
004015C1 pop edi
004015C2 pop esi
004015C3 pop ebx
004015C4 add esp,48h
004015C7 cmp ebp,esp
004015C9 call __chkesp (00420550)
004015CE mov esp,ebp
004015D0 pop ebp
004015D1 ret

Output:
1
2

Memory and register analysis

(The memory window's character column is omitted below; it only rendered the 0xCC fill bytes written by the `rep stos` above.)

Before executing 00401578 mov dword ptr [ebp-4],1:
0018ff33 CC CC CC CC CC CC CC CC
0018ff3a CC CC CC CC CC CC CC CC
0018ff41 CC CC CC CC CC CC
0018ff48 1 A 42 ...
0018ff4f 00 01 00 00 00 98 17

After executing 00401578 mov dword ptr [ebp-4],1:
0018ff33 CC CC CC CC CC CC CC CC
0018ff3a CC CC CC CC CC CC CC CC
0018ff41 CC CC 01 00 00 00
Here the 01 00 00 00 is a (stored at [ebp-4] = 0018ff44); the row at 0018ff48 (FF 1 a 42 ...) is the saved frame data.

0040157F lea eax,[ebp-4]
00401582 mov dword ptr [ebp-8],eax
EAX = 0018ff44  EBX = 7efde000  ECX = 000000  EDX = 003c1810  ESI = 00000000  EDI = 0018ff48  EIP = 00401585  ESP = 0018fef4  EBP = 0018ff48  EFL = 00000206
0018ff33 CC CC CC CC CC CC CC CC
0018ff3a CC CC 44                 ; b = 0018ff44 is stored little-endian at [ebp-8] = 0018ff40: 44 FF 18 00
0018ff41 FF 18 00 01 00 00 00
0018ff48 FF 1 a 42 ...

00401585 mov ecx,dword ptr [ebp-8]
00401588 mov dword ptr [ecx],2
EAX = 0018ff44  EBX = 7efde000  ECX = 0018ff44  EDX = 003c1810  ESI = 00000000  EDI = 0018ff48  EIP = 0040158E  ESP = 0018fef4  EBP = 0018ff48  EFL = 00000206
0018ff33 CC CC CC CC CC CC CC CC
0018ff3a CC CC CC 44
0018ff41 FF 18 00 02 xx ....      <strong>the value at a's address has been changed to 2</strong>
0018ff48 FF 1 a 42 ...

0040158E push offset @ILT+195(std::endl) (004010c8)
00401593 mov edx,dword ptr [ebp-8]
00401596 mov eax,dword ptr [edx]
00401598 push eax
EAX = 00000002  EBX = 7efde000  ECX = 0018ff44  EDX = 0018ff44  ESI = 00000000  EDI = 0018ff48  EIP = 00401598  ESP = 0018fef0  EBP = 0018ff48  EFL = 00000206

*b is read from memory (eax = 00000002) and pushed, whereas a is pushed as the immediate 1 by the following `push 1`; that is why the program prints 1 and then 2.

After a minor change

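#include <iostream>

// Variant of the demonstration: after the write through the const-cast
// pointer, `b` is repointed at a heap object so the second print reads a
// value that never lived in the const object. Writing through `b` while it
// points at `a` is undefined behaviour; the output documents one compiler's
// result, not guaranteed behaviour.
int main() {
    const int a = 1;
    // Same as the original listing's C-style `(int*) &a`, with the named cast.
    int* b = const_cast<int*>(&a);
    *b = 2;  // undefined behaviour: `a` was defined const
    std::cout << a << std::endl << *b << std::endl;
    // The original listing joined this and the next statement with a comma
    // operator; two statements are clearer and behave the same.
    b = new int(8);
    // Observed: `a` is still emitted as the immediate 1 even though the
    // memory at its address holds 2; `*b` now reads the heap value 8.
    std::cout << a << std::endl << *b << std::endl;
    delete b;  // the original listing never released this allocation
    return 0;
}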

Disassembly analysis

1: #include <iostream>
2: #include <cstdio>
3: using namespace std;
4: int main () {
00401560 push ebp
00401561 mov ebp,esp
00401563 sub esp,50h
00401566 push ebx
00401567 push esi
00401568 push edi
00401569 lea edi,[ebp-50h]
0040156C mov ecx,14h
00401571 mov eax,0CCCCCCCCh
00401576 rep stos dword ptr [edi]
5: const int a = 1;
00401578 mov dword ptr [ebp-4],1
6: int* b = (int*) &a;
0040157F lea eax,[ebp-4]
00401582 mov dword ptr [ebp-8],eax
7: *b = 2;
00401585 mov ecx,dword ptr [ebp-8]
00401588 mov dword ptr [ecx],2
8: cout << a << endl << *b << endl;
0040158E push offset @ILT+195(std::endl) (004010c8)
00401593 mov edx,dword ptr [ebp-8]
00401596 mov eax,dword ptr [edx]
00401598 push eax
00401599 push offset @ILT+195(std::endl) (004010c8)
0040159E push 1
004015A0 mov ecx,offset std::cout (0047be90)
004015A5 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
004015AA mov ecx,eax
004015AC call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
004015B1 mov ecx,eax
004015B3 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
004015B8 mov ecx,eax
004015BA call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
9: b = new int (8);
004015BF push 4
004015C1 call operator new (004205d0)
004015C6 add esp,4
004015C9 mov dword ptr [ebp-0Ch],eax
004015CC cmp dword ptr [ebp-0Ch],0      ; null check on the result of operator new
004015D0 je main+83h (004015e3)
004015D2 mov ecx,dword ptr [ebp-0Ch]
004015D5 mov dword ptr [ecx],8
004015DB mov edx,dword ptr [ebp-0Ch]
004015DE mov dword ptr [ebp-10h],edx
004015E1 jmp main+8Ah (004015ea)
004015E3 mov dword ptr [ebp-10h],0
004015EA mov eax,dword ptr [ebp-10h]
004015ED mov dword ptr [ebp-8],eax     ; b now holds the heap pointer
10: cout << a << endl << *b << endl;
004015F0 push offset @ILT+195(std::endl) (004010c8)
004015F5 mov ecx,dword ptr [ebp-8]
004015F8 mov edx,dword ptr [ecx]
004015FA push edx
004015FB push offset @ILT+195(std::endl) (004010c8)
00401600 push 1                         ; a is again pushed as the immediate 1
00401602 mov ecx,offset std::cout (0047be90)
00401607 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
0040160C mov ecx,eax
0040160E call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
00401613 mov ecx,eax
00401615 call @ILT+250(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004010ff)
0040161A mov ecx,eax
0040161C call @ILT+475(std::basic_ostream<char,std::char_traits<char> >::operator<<) (004011e0)
11: return 0;
00401621 xor eax,eax
12: }
00401623 pop edi
00401624 pop esi
00401625 pop ebx
00401626 add esp,50h
00401629 cmp ebp,esp
0040162B call __chkesp (004205f0)
00401630 mov esp,ebp
00401632 pop ebp
00401633 ret

Output:
1
2
1
8

After executing line 9, `b = new int (8);`, the memory changes to (character column omitted):
0018ff33 CC CC CC CC CC C8 07
0018ff3a C8 07 54 xx C8 ...
0018ff41 07 54 00 02 00 00 00
0018ff48 A9 1 a 42 ...
0018ff4f 00 01 00 00 00 98 17
0018ff56 ...

The address of a still holds 2. <strong>The compiler replaces the const variable directly with a constant (the `push 1` at 00401600), even though its memory can be changed.</strong>



