C 言語のコードとアセンブラ命令の対応
単純な代入
/* Pseudo-C: eax, ebx, ecx, edx and esi stand for the 32-bit x86 registers.
 * "*reg" is the dword at the address held in reg, and "reg + n" adds n
 * bytes (no scaling by element size, unlike real C pointer arithmetic).
 * Each statement pairs, in order, with one mov in the listing that follows. */
*eax = 1;               /* store a constant through the pointer in eax */
ecx = *eax;             /* load through the pointer in eax */
*eax = ebx;             /* store a register value through the pointer in eax */
*(esi + 0x34) = eax;    /* store at base register + constant byte offset 0x34 */
eax = *(esi + 0x34);    /* load from base register + constant byte offset 0x34 */
edx = *(ecx + eax);     /* load from base register + register offset */
; 32-bit x86, Intel operand order (destination first), MASM/WinDbg spelling:
; "dword ptr" marks a 4-byte memory operand and "34h" is hexadecimal 0x34.
; Square brackets mean a memory access at that address; a bare register is
; the register's own value. A store has the bracket on the left, a load on
; the right.
mov dword ptr [eax],1               ; *eax = 1            (store immediate)
mov ecx,dword ptr [eax]             ; ecx = *eax          (load)
mov dword ptr [eax], ebx            ; *eax = ebx          (store register)
mov dword ptr [esi+34h], eax        ; *(esi + 0x34) = eax (store, base + displacement)
mov eax, dword ptr [esi+34h]        ; eax = *(esi + 0x34) (load, base + displacement)
mov edx, dword ptr [ecx+eax]        ; edx = *(ecx + eax)  (load, base + index)
配列
文字列
構造体 (値)
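/* Struct with mixed-size fields, used to show the layout the compiler picks.
 * The offsets in the comments are the ones the dt output on this page
 * reports; the gaps between fields are alignment padding. */
struct tagDATA {
    char field1;    /* +0x00, 1 byte; 1 padding byte follows */
    short field2;   /* +0x02, 2 bytes */
    int field3;     /* +0x04, 4 bytes */
    char field4;    /* +0x08, 1 byte; 3 padding bytes follow */
    int field5;     /* +0x0c, 4 bytes */
} data, *p;
/* The assignments below write only the named fields, never the padding.
 * The padding reads as 00 in the dump on this page, presumably because data
 * has static storage. In a stack or heap instance the padding holds leftover
 * bytes, so zero the whole struct before copying it across a trust boundary. */
data.field1 = 0x11;
data.field2 = 0x2233;
data.field3 = 0x01234567;
data.field4 = 0x44;
data.field5 = 0x89abcdef;
/* Store the address of data in p itself (not through p); this is what the
 * disassembly on this page does with "offset myapp!data". */
p = &data;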
0:000> dt tagDATA
+0x000 field1 : Char
+0x002 field2 : Int2B
+0x004 field3 : Int4B
+0x008 field4 : Char
+0x00c field5 : Int4B
0:000> u
; Field stores for the global "data". Every destination is an absolute
; address that the debugger prints as symbol+offset (address), so no base
; register is involved. The operand size (byte/word/dword ptr) follows the
; C type of each field, and the +0x2/+0x4/+0x8/+0xc offsets are the field
; offsets from the dt output.
mov byte ptr [myapp!data (0041a4d4)],11h                        ; data.field1 = 0x11        (1-byte store)
mov eax,2233h                                                   ; constant staged in eax before the 16-bit store
mov word ptr [myapp!data+0x2 (0041a4d6)],ax                     ; data.field2 = 0x2233      (2-byte store of ax)
mov dword ptr [myapp!data+0x4 (0041a4d8)],1234567h              ; data.field3 = 0x01234567
mov byte ptr [myapp!data+0x8 (0041a4dc)],44h                    ; data.field4 = 0x44        (1-byte store)
mov dword ptr [myapp!data+0xc (0041a4e0)],89ABCDEFh             ; data.field5 = 0x89abcdef
mov dword ptr [myapp!p (0041a4e4)],offset myapp!data (0041a4d4) ; p = &data (stores the address, not the contents)
; Memory dump of the struct as four little-endian dwords:
;   22330011 -> bytes 11 00 33 22 : field1 = 0x11, one padding byte, field2 = 0x2233
;   01234567 -> field3
;   00000044 -> bytes 44 00 00 00 : field4 = 0x44, three padding bytes
;   89abcdef -> field5
; NOTE(review): this command names ConsoleApplication11 and address 00f4a4d4,
; while the disassembly above shows myapp and 0041a4d4. The low 16 bits match,
; so this is presumably the same variable captured from a different build or
; load address - confirm. When correlating listings, compare module+offset
; rather than absolute addresses, which change when the image is relocated.
0:000> dd ConsoleApplication11!d
00f4a4d4 22330011 01234567 00000044 89abcdef
構造体 (参照)
/* Node with one int and two pointers to the same struct type (the field
 * names suggest a binary-tree node). The dt output on this page reports
 * Int4B / Ptr32 fields at +0x0, +0x4 and +0x8, i.e. no padding. */
struct tagNODE {
int value;          /* +0x0 */
tagNODE* pLeft;     /* +0x4; NOTE: the bare name "tagNODE" is C++ - plain C needs "struct tagNODE *" */
tagNODE* pRight;    /* +0x8 */
} *pNode1, *pNode2;
/* NOTE(review): the pointers are declared here as variables of the snippet,
 * but the disassembly on this page reads them from [ebp+8] and [ebp+0Ch],
 * which looks like two function arguments - confirm against the original
 * program. Nothing in this snippet points them at storage; both must
 * reference valid nodes before the writes below. */
pNode1->value = 0x01234567;     /* write at offset 0 of *pNode1 */
pNode2->value = 0x89abcdef;     /* write at offset 0 of *pNode2 */
pNode1->pLeft = NULL;           /* write at offset 4 of *pNode1 */
pNode1->pRight = pNode2;        /* write at offset 8 of *pNode1; stores the pointer value */
0:000> dt tagNODE
+0x000 value : Int4B
+0x004 pLeft : Ptr32 tagNODE
+0x008 pRight : Ptr32 tagNODE
0:000> u
; Field stores through pointers. Each pointer is first loaded into a
; register, then the field is addressed as [register + field offset]
; (0 = value, 4 = pLeft, 8 = pRight per the dt output).
; [ebp+8] and [ebp+0Ch] hold pNode1 and pNode2, judging by the matching C
; statements; presumably they are the first two stack arguments of the
; enclosing function - confirm.
; No NULL check precedes any dereference in this listing.
mov eax,dword ptr [ebp+8]           ; eax = pNode1
mov dword ptr [eax],1234567h        ; pNode1->value = 0x01234567
mov eax,dword ptr [ebp+0Ch]         ; eax = pNode2
mov dword ptr [eax],89ABCDEFh       ; pNode2->value = 0x89abcdef
mov eax,dword ptr [ebp+8]           ; eax = pNode1 (reloaded from the stack slot)
mov dword ptr [eax+4],0             ; pNode1->pLeft = NULL
mov eax,dword ptr [ebp+8]           ; eax = pNode1 (reloaded again)
mov ecx,dword ptr [ebp+0Ch]         ; ecx = pNode2
mov dword ptr [eax+8],ecx           ; pNode1->pRight = pNode2