BASM学习知识介绍

program Test1;

{$APPTYPE CONSOLE}

uses

SysUtils;

function Add1(X,Y,Z,A,B,C:Integer):Integer;

begin

Result := X+Y+Z+A+B+C;

end;

function Add(X,Y:Integer):Integer;

asm

add eax, edx

mov ebx, eax

end;

var

Result : Integer;

begin

Result := Add1(13,12,31,41,51,61);

Writeln(Result);

Result := Add(12347,12374);

Writeln(Result);

Result := 4;

Inc(Result,9);

Writeln(Result);

readln;

end.

Test1.dpr.22: Result := Add1(13,12,31,41,51,61);

00408805 6A29 push $29//压入

00408807 6A33 push $33//压入

00408809 6A3D push $3d//压入 当参数超过3个后 编译器会压入参数到栈

0040880B B91F000000 mov ecx,$0000001f

00408810 BA0C000000 mov edx,$0000000c

00408815 B80D000000 mov eax,$0000000d

0040881A E845FFFFFF call Add1//调用ADD1

0040881F 8BD8 mov ebx,eax

Test1.dpr.23: Writeln(Result);

00408821 A104934000 mov eax,[$00409304]

00408826 8BD3 mov edx,ebx

00408828 E80FA9FFFF call @Write0Long

0040882D E856A9FFFF call @WriteLn

00408832 E871A1FFFF call @_IOTest

Test1.dpr.25: Result := Add(12347,12374);

00408837 BA56300000 mov edx,$00003056

0040883C B83B300000mov eax,$0000303b

00408841 E836FFFFFF call Add

00408846 8BD8mov ebx,eax

Test1.dpr.26: Writeln(Result);

00408848 A104934000 mov eax,[$00409304]

0040884D 8BD3mov edx,ebx

0040884F E8E8A8FFFFcall @Write0Long

00408854 E82FA9FFFFcall @WriteLn

00408859 E84AA1FFFFcall @_IOTest

Test1.dpr.28: Result := 4;

0040885E BB04000000mov ebx,$00000004

Test1.dpr.29: Inc(Result,9);

00408863 83C309 add ebx,$09

Test1.dpr.31: Writeln(Result);

00408866 A104934000 mov eax,[$00409304]

0040886B 8BD3 mov edx,ebx

0040886D E8CAA8FFFFcall @Write0Long

00408872 E811A9FFFF call @WriteLn

00408877 E82CA1FFFF call @_IOTest

Test1.dpr.32: readln;

0040887C A170934000 mov eax,[$00409370]

00408881 E8F6A5FFFF call @ReadLn

00408886 E81DA1FFFF call @_IOTest

Test1.dpr.9: begin

00408764 55 push ebp //做标志栈，以后会对地址偏移量进行操作

00408765 8BEC mov ebp,esp//把esp栈地址值压入EBP进行操作

Test1.dpr.10: Result := X+Y+Z+A+B+C;

00408767 03D0 add edx,eax

00408769 03CA add ecx,edx

0040876B 034D10 add ecx,[ebp+$10]//(基地址+偏移量)

0040876E 034D0Cadd ecx,[ebp+$0c]//(同上)

00408771 034D08 add ecx,[ebp+$08]

00408774 8BC1 mov eax,ecx//结果存到 eax

Test1.dpr.11: end;

00408776 5D pop ebp//ebp地址为034D08，直接从这个位置弹栈,清理数据

00408777 C20C00 ret $000c

0040877A 8BC0 mov eax,eax

Test1.dpr.15: add eax, edx

0040877C 01D0 add eax,edx

Test1.dpr.16: mov ebx, eax

0040877E 89C3 mov ebx,eax

Test1.dpr.17: end;

00408780 C3 ret

00408781 8D4000 lea eax,[eax+$00]

00408784 55 push ebp

00408785 8BEC mov ebp,esp

00408787 33C0 xor eax,eax

00408789 55 push ebp

0040878A 68A3874000push $004087a3

===================================

为了验证整型读栈的方法

写了一个函数做

在函数执行前编译器已经为我们做了一个push ebp;

这样就是压入了16位，我们就可以通过+16位来读刚刚压入的4位的数据。

function Add2(X,Y,Z,A,B,C:Integer):Integer;

asm

mov ebx,[ebp+$10]

mov eax,[ebp+$10-$04]

mov ecx,[ebp+$10-$08]

mov eax,ebx

end;

ebx中显示的A

EAX中显示的B

ECX中显示的C

本文地址：http://www.45fan.com/a/question/70480.html