
Assembly to pseudocode understanding

I am trying to reverse an executable file (for learning RE). However, I am stuck on a piece of pseudocode which has some things that I don't understand. Kindly help me to understand it so I can improve. Now I understand that there is an array which holds the number 32 up to the 2014th entry, and from the 2014th to the 4095th entry there are the codes of the characters returned by fget. After that there is a little snippet of code which I am not able to understand; the block is marked with **.

Code:

int sub_12A11A0()
{
  __int16 v1; // [sp+4h] [bp-24h]@13
  int v2; // [sp+8h] [bp-20h]@11
  int v3; // [sp+Ch] [bp-1Ch]@8
  signed int v4; // [sp+10h] [bp-18h]@13
  signed int l; // [sp+14h] [bp-14h]@16
  int v6; // [sp+18h] [bp-10h]@6
  int v7; // [sp+18h] [bp-10h]@13
  int v8; // [sp+18h] [bp-10h]@32
  signed int v9; // [sp+1Ch] [bp-Ch]@8
  signed int v10; // [sp+20h] [bp-8h]@8
  signed int i; // [sp+24h] [bp-4h]@1
  signed int j; // [sp+24h] [bp-4h]@4
  int k; // [sp+24h] [bp-4h]@13
  signed int m; // [sp+24h] [bp-4h]@27

  for ( i = 0; i < 2015; ++i )
    byte_12A3400[i] = 32;     
  for ( j = 2015; j < 4096; ++j )
  {
    v6 = fgetc(dword_12A33EC);
    if ( v6 == -1 )
      break;
    byte_12A3400[j] = v6;
    ++dword_12A3088;
  }
  v9 = j;
  v10 = 2015;
  v3 = 0;
  while ( v10 < v9 )
  {
    if ( v9 - v10 < 33 )
      v2 = v9 - v10;
    else
      v2 = 33;
    v1 = 0;
    v4 = 1;
    ****v7 = (unsigned __int8)byte_12A3400[v10];
    for ( k = v10 - 1; k >= v3; --k )
    {
      if ( (unsigned __int8)byte_12A3400[k] == v7 )
      {
        for ( l = 1; l < v2 && (unsigned __int8)*(&byte_12A3400[l] + k) == (unsigned __int8)*(&byte_12A3400[l] + v10); ++l )
          ;
        if ( l > v4 )
        {
          v1 = k;
          v4 = l;
        }
      }
    }****
    if ( v4 > 1 )
      sub_12A1120(v1 & 0x7FF, v4 - 2);
    else
      sub_12A10D0(v7);
    v10 += v4;
    v3 += v4;
    if ( v10 >= 4063 )
    {
      for ( m = 0; m < 2048; ++m )
        byte_12A3400[m] = byte_12A3C00[m];
      v9 -= 2048;
      v10 -= 2048;
      v3 -= 2048;
      while ( v9 < 4096 )
      {
        v8 = fgetc(dword_12A33EC);
        if ( v8 == -1 )
          break;
        byte_12A3400[v9++] = v8;
        ++dword_12A3088;
      }
    }
  }
  return sub_12A1090();
}

It seems the important part is to understand

*(&byte_12A3400[l] + k)

This is equivalent to

byte_12A3400[l + k]
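
The equivalence above, applied to the whole marked block, as an added example (not part of the original question or answer): with plain indexing the block reads as a search over k in [v3, v10 - 1] for the longest earlier run that matches the bytes starting at v10. The function names, parameter names and sample buffer are assumptions made for illustration.

```c
#include <stdio.h>

/* Constructed sample data, not taken from the binary. */
const unsigned char SAMPLE[] = "abcxabcabcy";

/* Marked block with plain indexing. Hypothetical names:
   buf = byte_12A3400, lo = v3, pos = v10, max_len = v2,
   return value = v4, *best_pos = v1. */
int longest_match(const unsigned char *buf, int lo, int pos,
                  int max_len, int *best_pos)
{
    int best_len = 1;                       /* v4 = 1 */
    *best_pos = 0;                          /* v1 = 0 */
    for (int k = pos - 1; k >= lo; --k) {   /* scan backwards from pos */
        if (buf[k] != buf[pos])             /* first byte must equal v7 */
            continue;
        int l = 1;
        while (l < max_len && buf[l + k] == buf[l + pos])
            ++l;                            /* extend the run byte by byte */
        if (l > best_len) {                 /* keep only a strictly longer run */
            *best_pos = k;
            best_len = l;
        }
    }
    return best_len;
}

/* Same loop, keeping the decompiler's *(&buf[l] + k) spelling. */
int longest_match_ptr(const unsigned char *buf, int lo, int pos,
                      int max_len, int *best_pos)
{
    int best_len = 1;
    *best_pos = 0;
    for (int k = pos - 1; k >= lo; --k) {
        if (buf[k] != buf[pos])
            continue;
        int l = 1;
        while (l < max_len && *(&buf[l] + k) == *(&buf[l] + pos))
            ++l;
        if (l > best_len) {
            *best_pos = k;
            best_len = l;
        }
    }
    return best_len;
}

int main(void)
{
    int a, b;
    int la = longest_match(SAMPLE, 0, 7, 4, &a);
    int lb = longest_match_ptr(SAMPLE, 0, 7, 4, &b);
    printf("indexed: len=%d at %d, pointer form: len=%d at %d\n", la, a, lb, b);
    return 0;
}
```

As in the decompiled loop, max_len has to be capped at the number of bytes left after pos (v9 - v10 in the original), otherwise the comparison reads past the filled part of the buffer.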
