通过 x86 程序集从 argv 读取文件名
我正在尝试读取传递给我的可执行文件的文件名并使用程序集写入该文件。编译没有错误,但执行时失败。我的代码到底有什么问题?
BITS 32
segment .data
text db "text"
segment .text
global main
main:
pop ebx
pop ebx
pop ebx ; pop pointer to filename into ebx
mov eax,0x5 ;syscall open
mov ecx,0x2 ;flag read/write
int 0x80 ;call kernel
mov ebx,eax ;save returned file descriptor
mov eax,0x4 ; write syscall
mov ecx,text ;mov pointer to text into ecx
mov edx,0x4 ;string length
int 0x80 ;exit syscall
mov eax,0x1
int 0x80
I'm and trying to read a filename passed to my executable and write to that file using assembly. It compiles without error but fails when executed. What is wrong with my code exactly?
BITS 32
segment .data
text db "text"
segment .text
global main
main:
pop ebx
pop ebx
pop ebx ; pop pointer to filename into ebx
mov eax,0x5 ;syscall open
mov ecx,0x2 ;flag read/write
int 0x80 ;call kernel
mov ebx,eax ;save returned file descriptor
mov eax,0x4 ; write syscall
mov ecx,text ;mov pointer to text into ecx
mov edx,0x4 ;string length
int 0x80 ;exit syscall
mov eax,0x1
int 0x80
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
由于您是从 libc 调用的,因此您还必须记住您有返回地址,以便您可以返回那里。这与如果您只有一个简单的汇编程序(如很多教程!)所得到的结果不同。记住这一点:
以下是打印第一个参数的方法。您应该可以从那里开始(注意:我可能犯了错误):
Since you're being called from libc you also have to recall that you have return address so you could return there. This is unlike what you get if you just have a bare-bones assembly program (like a lot of tutorials!). With that in mind:
Here's how you can print the first argument. You should be able to go from there (beware: I might have made mistakes):
进入 main 时:堆栈具有以下内容:
当您三次
pop ebx时,您最终会访问argv,而不是argv[ 1]。argv是一个指向以 NULL 结尾的char *数组的指针,因此您必须遵循间接寻址,如 @user786653 所示。On entry to main: the stack has the following:
When you
pop ebxthrice, you end up accesingargv, notargv[1].argvis a pointer to a NULL-terminated array ofchar *, so you have to follow the indirection, as @user786653 shows.