1.指针数组

5:        char* keyword[] = {"if", "for", "while", "switch"};  //数组指针,大小为4×4=16字节

0040D7D8   mov         dword ptr [ebp-10h],offset string "AAA" (00422028)

0040D7DF   mov         dword ptr [ebp-0Ch],offset string "for" (00422024)

0040D7E6   mov         dword ptr [ebp-8],offset string "DDD" (0042201c)

0040D7ED   mov         dword ptr [ebp-4],offset string "\xb5\xd8\xd6\xb7\xce\xaa%x, \xca\xc7\xb5\xda%d\xb8\xf6\

2.数组和指针

*(p+i) = p[i]

*(*(p+i)+k) = p[i][k]

*(*(*(p+i)+k)+m) = p[i][k][m]

一段反汇编代码分析

5:        int x = 100;

00401028   mov         dword ptr [ebp-4],64h

6:        int* p = &x;

0040102F   lea         eax,[ebp-4]

00401032   mov         dword ptr [ebp-8],eax

7:        int** p1 = &p;

00401035   lea         ecx,[ebp-8]

00401038   mov         dword ptr [ebp-0Ch],ecx

8:

9:        printf("%d\n", x);

0040103B   mov         edx,dword ptr [ebp-4]

0040103E   push        edx

0040103F   push        offset string "%d\n" (0042201c)

00401044   call        printf (004010e0)

00401049   add         esp,8

10:       printf("%d\n", *p);

0040104C   mov         eax,dword ptr [ebp-8]

0040104F   mov         ecx,dword ptr [eax]

00401051   push        ecx

00401052   push        offset string "%d\n" (0042201c)

00401057   call        printf (004010e0)

0040105C   add         esp,8

11:       printf("%d\n", **p1);

0040105F   mov         edx,dword ptr [ebp-0Ch]

00401062   mov         eax,dword ptr [edx]

00401064   mov         ecx,dword ptr [eax]

00401066   push        ecx

00401067   push        offset string "%d\n" (0042201c)

0040106C   call        printf (004010e0)

00401071   add         esp,8

12:       printf("%d\n", p[0]);

00401074   mov         edx,dword ptr [ebp-8]

00401077   mov         eax,dword ptr [edx]

00401079   push        eax

0040107A   push        offset string "%d\n" (0042201c)

0040107F   call        printf (004010e0)

00401084   add         esp,8

13:       printf("%d\n", p1[0][0]);

00401087   mov         ecx,dword ptr [ebp-0Ch]

0040108A   mov         edx,dword ptr [ecx]

0040108C   mov         eax,dword ptr [edx]

0040108E   push        eax

0040108F   push        offset string "%d\n" (0042201c)

00401094   call        printf (004010e0)

00401099   add         esp,8

3.数组指针

一段反汇编代码分析

#include <stdio.h>

char code[]=

{

	0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,

	0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,

	0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,

	0x1f,0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,

	0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f,0x30,0x31,0x32,

	0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,

	0x3d,0x3e,0x3f,0x40,0x41,0x42,0x43,0x44,0x45,0x46,

	0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f,0x50,

	0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,

	0x5b,0x5c,0x5d,0x5e,0x5f,0x60,0x61,0x62,0x63,0x64

};

int main()

{

	//1.一维数组指针

	//int (*px)[5];

	//px = (int (*)[5]code);

	//printf("%x\n", *(*(px+2)+2));

	//2.二维数组指针

	char (*py)[2][3];

	py = (char (*)[2][3])code;         //2*3*1 = 6   // 3*1 = 3

	printf("%x\n", *(*(*(py+2)+3)+4));  // 12+9+4 = 25  即结果为0x1a

	//3.三维数组指针

	return 0;

}

4.函数指针

函数的反汇编代码

int Function(int x, int y)

{

	return x+y;

}


00401010 55                   push        ebp

00401011 8B EC                mov         ebp,esp

00401013 83 EC 40             sub         esp,40h

00401016 53                   push        ebx

00401017 56                   push        esi

00401018 57                   push        edi

00401019 8D 7D C0             lea         edi,[ebp-40h]

0040101C B9 10 00 00 00       mov         ecx,10h

00401021 B8 CC CC CC CC       mov         eax,0CCCCCCCCh

00401026 F3 AB                rep stos    dword ptr [edi]

00401028 8B 45 08             mov         eax,dword ptr [ebp+8]

0040102B 03 45 0C             add         eax,dword ptr [ebp+0Ch]

0040102E 5F                   pop         edi

0040102F 5E                   pop         esi

00401030 5B                   pop         ebx

00401031 8B E5                mov         esp,ebp

00401033 5D                   pop         ebp

00401034 C3                   ret

取其硬编码,写函数调用

#include <stdio.h>

int x = 10;

unsigned char arr[] =

{

	0x55,

	0x8B, 0xEC,

	0x83, 0xEC, 0x40,

	0x53,

	0x56,

	0x57,

	0x8D, 0x7D, 0xC0,

	0xB9, 0x10, 0x00, 0x00, 0x00,

	0xB8, 0xCC, 0xCC, 0xCC, 0xCC,

	0xF3, 0xAB,

	0x8B, 0x45, 0x08,

	0x03, 0x45, 0x0C,

	0x5F,

	0x5E,

	0x5B,

	0x8B, 0xE5,

	0x5D,

	0xC3

};

int main()

{

	int (*pFun)(int, int);

	pFun = (int (*)(int ,int ))arr;

	x = pFun(2, 3);

	printf("%d\n", x);

	return 0;

}

补充:指针的本质

1.是一个类型

2.宽度是四

3.可以作加减的运算

4.可以与整数相加相减

5.可以比较大小

最新文章

  1. python string模块
  2. clientTarget与用户代理别名
  3. SharePoint 网站登录不上,3次输入用户名/密码白页
  4. Linux压力测试工具
  5. Java IO流整理Rick
  6. java SE (java Standard Edition)
  7. Monkey学习(4)简单测试实例
  8. Lua I/0输入输出
  9. CSS3中文手册基础知识
  10. A First Look at Rust Language
  11. Cloudera Manager 5.9 和 CDH 5.9 离线安装指南及个人采坑填坑记
  12. Selenium自动化测试-unittest单元测试框架
  13. html/jsp导出pdf格式的几种方法(jsPDF,iText,wkhtmltopdf)
  14. Vivado SDK ,调用math.h函数的时候出现 undefined reference to `xxx&#39; ,解决方案
  15. spark on yarn 内存分配
  16. Opencv画图操作
  17. sql的简单操作
  18. python下划线的5种含义
  19. Atitit 常见每日流程日程日常工作.docx v4
  20. HTML5 实现获取 gzip 压缩数据,并进行解压,同时解决汉字乱码,相关 pako.js

热门文章

  1. WPF error: does not contain a static 'Main' method suitable for an entry point
  2. BLE Mesh网络协议综述
  3. winform 控件合集2
  4. ios之CoreAnimation
  5. UVaLive 7637 Balanced String (构造)
  6. WSAData是个什么结构体用什么用
  7. hdu 3853 LOOPS (概率dp 逆推求期望)
  8. 2019计蒜之道初赛3 D. 阿里巴巴协助征战SARS(困难)(大数取余+欧拉降幂)
  9. 一个工程多个Target
  10. iOS有用的三方库和高效工具记录