x86中BND RET的含义
[英]Meaning of BND RET in x86
问题描述
I was going through some disassembly of a CRT library (the SEH prolog in particular) when I suddenly came across this strange instruction bnd ret . 
我正在经历一个CRT库(特别是SEH序言)的一些拆卸的时候我突然碰到这个奇怪的指令来bnd ret 。 Can anyone explain the meaning of the f2 prefix right before c3 (ret opcode)? 任何人都可以在c3 (ret操作码)之前解释f2前缀的含义吗?
1 个解决方案
解决方案1
4 2019-05-08 15:55:59
The BND prefix is part of Intel MPX (Memory Protection Extensions) and indicates the return target (or in general the branch target, as BND can be applied to any control flow instruction) should be checked against the bounds specified in the BND0 to BND3 registers, else an exception will be generated -- indicating a potential stack overflow, programming error or malicious code attack. BND前缀是Intel MPX(内存保护扩展)的一部分,并指示返回目标(或通常是分支目标,因为BND可应用于任何控制流指令)应根据BND0至BND3寄存器中指定的边界进行检查否则将生成异常 - 表示潜在的堆栈溢出,编程错误或恶意代码攻击。
On processors that do not support Intel MPX, or when MPX is disabled, the BND prefix behaves as a no-op, so there is no need to compile two versions of the code (one with and one without BND prefixes). 在不支持Intel MPX的处理器上,或者在禁用MPX时,BND前缀表现为无操作,因此无需编译两个版本的代码(一个有一个,一个没有BND前缀)。
Note that the encoding of the BND prefix is the same as that of the REPNE prefix (both are F2), so older disassemblers that don't know about MPX yet may show this instruction sequence as REPNE RET (or REPNE JMP, REPNE CALL, etc.). 请注意,BND前缀的编码与REPNE前缀的编码相同(均为F2),因此不了解MPX的旧反汇编程序可能会将此指令序列显示为REPNE RET(或REPNE JMP,REPNE CALL,等等。)。 This use is unrelated to the REP RET idiom where the prefix is assumed to have no-op behavior and is used purely to work around a performance issue on older CPUs. 这种用法与REP RET惯用法无关,其中假定前缀具有无操作行为,并且纯粹用于解决旧CPU上的性能问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.