skyjacker
/*_ClassCreate src*/
function _ClassCreate(AClass: TClass; Alloc: Boolean): TObject;
asm
  { -> EAX = pointer to VMT }
  { <- EAX = pointer to instance }
  PUSH EDX
  PUSH ECX
  PUSH EBX
  TEST DL,DL
  JL @@noAlloc   // jl +$03 ?
  CALL dword ptr [EAX].vmtNewInstance
@@noAlloc:
{$IFNDEF PC_MAPPED_EXCEPTIONS}
  XOR EDX,EDX
  LEA ECX,[ESP+16]
  MOV EBX,FS:[EDX]
  MOV [ECX].TExcFrame.next,EBX
  MOV [ECX].TExcFrame.hEBP,EBP
  MOV [ECX].TExcFrame.desc,offset @desc
  MOV [ECX].TExcFrame.ConstructedObject,EAX { trick: remember copy to instance }
  MOV FS:[EDX],ECX
{$ENDIF}
  POP EBX
  POP ECX
  POP EDX
  RET

{$IFNDEF PC_MAPPED_EXCEPTIONS}
@desc:
  JMP _HandleAnyException

  { destroy the object }

  MOV EAX,[ESP+8+9*4]
  MOV EAX,[EAX].TExcFrame.ConstructedObject
  TEST EAX,EAX
  JE @@skip
  MOV ECX,[EAX]
  MOV DL,$81
  PUSH EAX
  CALL dword ptr [ECX].vmtDestroy
  POP EAX
  CALL _ClassDestroy
@@skip:
  { reraise the exception }
  CALL _RaiseAgain
{$ENDIF}
end;

/* Disassembly taken while the program was running */

0040382B C3              ret
0040382C 52              push edx
0040382D 51              push ecx
0040382E 53              push ebx
0040382F 84D2            test dl,dl
00403831 7C03            jl +$03        // after adding 3, why does this land on xor edx,edx? How is it calculated?
00403833 FF50F4          call dword ptr [eax-$0c]
00403836 31D2            xor edx,edx
00403838 8D4C2410        lea ecx,[esp+$10]
0040383C 648B1A          mov ebx,fs:[edx]
0040383F 8919            mov [ecx],ebx
00403841 896908          mov [ecx+$08],ebp
00403844 C7410455384000  mov [ecx+$04],$00403855
0040384B 89410C          mov [ecx+$0c],eax
0040384E 64890A          mov fs:[edx],ecx
00403851 5B              pop ebx
00403852 59              pop ecx
00403853 5A              pop edx
00403854 C3              ret
00403855 E94E010000      jmp @HandleAnyException
0040385A 8B44242C        mov eax,[esp+$2c]
0040385E 8B400C          mov eax,[eax+$0c]
00403861 85C0            test eax,eax
00403863 740E            jz +$0e
00403865 8B08            mov ecx,[eax]
00403867 B281            mov dl,$81
00403869 50              push eax
0040386A FF51FC          call dword ptr [ecx-$04]
0040386D 58              pop eax
0040386E E809000000      call @ClassDestroy

The bytes of the jl +$03 instruction and what follows it are actually laid out in memory like this:

00403831 7C
00403832 03 ; jl +$03
00403833 FF
00403834 50
00403835 F4 ; call dword ptr [eax-$0c]
00403836 31
00403837 D2 ; xor edx,edx
00403838 85

Why does jl +$03 jump to xor edx,edx? How is it calculated, and what is the starting address the +$03 is added to?
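Added example (Python; not part of the original post and not Delphi's own System.pas code): a small decoder that applies the rule every x86 disassembler uses for relative branches, target = address of the byte after the branch instruction + sign-extended displacement, to the byte sequences listed in the post. It goes a little beyond the question by also handling rel32 jumps and calls and negative (backward) displacements; the `7C FB` input is a constructed case, and the address/byte pairs are copied from the listing above. The names `rel_branch_target` and `annotate_listing` are mine.

```python
import struct

# Short (rel8) conditional jumps: opcode 0x70..0x7F, condition code in the low nibble.
JCC = {0x72: "jb", 0x73: "jae", 0x74: "jz", 0x75: "jnz",
       0x7C: "jl", 0x7D: "jge", 0x7E: "jle", 0x7F: "jg"}


def rel_branch_target(addr, code):
    """Decode one relative branch whose first byte sits at `addr`.

    `code` holds the instruction bytes starting at `addr`. Returns
    (mnemonic, length, next_ip, target). The CPU adds the displacement to
    the address of the *next* instruction (addr + length), never to the
    address of the branch itself, and the displacement is signed.
    """
    op = code[0]
    if 0x70 <= op <= 0x7F or op == 0xEB:            # jcc rel8 / jmp rel8
        name = "jmp" if op == 0xEB else JCC.get(op, "jcc")
        disp = struct.unpack_from("<b", code, 1)[0]  # signed 8-bit displacement
        length = 2
    elif op in (0xE8, 0xE9):                          # call rel32 / jmp rel32
        name = "call" if op == 0xE8 else "jmp"
        disp = struct.unpack_from("<i", code, 1)[0]  # signed 32-bit displacement
        length = 5
    elif op == 0x0F and 0x80 <= code[1] <= 0x8F:      # jcc rel32 (two-byte opcode)
        name = JCC.get(0x70 | (code[1] & 0x0F), "jcc")
        disp = struct.unpack_from("<i", code, 2)[0]
        length = 6
    else:
        raise ValueError("no relative branch at 0x%08X" % addr)
    next_ip = addr + length
    return name, length, next_ip, (next_ip + disp) & 0xFFFFFFFF


def annotate_listing(listing):
    """Append the resolved target to every branch line of a disassembly listing.

    `listing` is a list of (address, hex bytes, text) tuples. Non-branch
    lines are returned unchanged.
    """
    out = []
    for addr, hexbytes, text in listing:
        code = bytes.fromhex(hexbytes)
        try:
            _, _, next_ip, target = rel_branch_target(addr, code)
            text = "%s  ; next_ip=0x%08X -> 0x%08X" % (text, next_ip, target)
        except (ValueError, IndexError):
            pass
        out.append("%08X %-14s %s" % (addr, hexbytes, text))
    return out


# Constructed sample: the lines from the post that contain branches, plus
# their neighbours so the resolved targets can be read off the listing.
SAMPLE_LISTING = [
    (0x0040382F, "84D2", "test dl,dl"),
    (0x00403831, "7C03", "jl +$03"),
    (0x00403833, "FF50F4", "call dword ptr [eax-$0c]"),
    (0x00403836, "31D2", "xor edx,edx"),
    (0x00403855, "E94E010000", "jmp @HandleAnyException"),
    (0x00403863, "740E", "jz +$0e"),
    (0x0040386E, "E809000000", "call @ClassDestroy"),
]

if __name__ == "__main__":
    for line in annotate_listing(SAMPLE_LISTING):
        print(line)
    # Constructed backward branch: 7C FB at 00403831 is jl with displacement -5,
    # so it lands on 00403833 - 5 = 0040382E (the push ebx above).
    print(rel_branch_target(0x00403831, bytes.fromhex("7CFB")))
```

Reading the output for the `jl +$03` line: the instruction occupies bytes 00403831 and 00403832, so the next instruction starts at 00403833; 00403833 + 3 = 00403836, which is exactly the `xor edx,edx` line, skipping the three-byte `call`. The same rule gives 004039A8 for the five-byte `jmp` at 00403855 (0040385A + 14E) and 00403873 for the `jz +$0e` at 00403863.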