vs2026+win10(第五章-2))
致谢:
VS2026配置x86/x64调用32位和64位汇编语言动态库环境 参考
https://blog.csdn.net/chenyijun/article/details/148952640
Lrvine64.obj 外部库可以在这里下载 链接: https://pan.baidu.com/s/1ljbseUDxpBcG_rrnhAiMEA 提取码: skbd;----------------------------------------;Procedure Prototypes;---------------------------------------- CloseFile PROTO;close afilehandle Clrscr PROTO;clearthescreenCreateOutputFile PROTO;createfileforwriting Crlf PROTO;output carriage-return / linefeed Delay PROTO;delayforn milliseconds DumpMem PROTO;display memory dump DumpRegs PROTO;display register dump GetCommandTail PROTO;get command-line string GetDateTime PROTO,;get systemdateandtimestartTime:PTR QWORD GetMaxXY PROTO;get console rows and columns GetMseconds PROTO;get milliseconds past midnight GetTextColor PROTO;Get the console window's color attributes. Gotoxy PROTO;setthe cursor position IsDigit PROTO;returnZF=1ifAL is a decimal digit MsgBox PROTO;display popup message box MsgBoxAsk PROTO;display popup yes/no question box OpenInputFile PROTO;openfileininput mode ParseDecimal32 PROTO;convert unsigned decimal string to32-bit binary ParseInteger32 PROTO;convert signed decimal string to32-bit binary Randomize PROTO;reseed random number generator RandomRange PROTO;generate random integerinspecified range Random32 PROTO;generate32-bit random integer ReadInt PROTO;readsigned decimal integer from console ReadChar PROTO;reach single character from console ReadDec PROTO;readunsigned decimal integer from console ReadFloat PROTO;readfloating-point value from keyboard ReadFromFile PROTO;readbuffer from inputfileReadHex PROTO;readhexadecimal integer from console ReadKey PROTO;Reads keyboard inputifavailable(4/6/03)ReadKeyFlush PROTO;Flush ReadKey buffer and repeat counter(4/6/03)ReadString PROTO;readstring from console SetTextColor PROTO;setconsole text color ShowFPUStack PROTO;writefloating-point stack to console window StrLength PROTO;returns the length of a string WaitMsg PROTO;displaywaitmessage,waitforEnter key WriteBin PROTO;writeinteger to outputinbinaryformatWriteBinB PROTO;writebinary integerinbyte, word,or doublewordformatWriteChar PROTO;writesingle character to output WriteDec PROTO;writeunsigned decimal integer to output WriteFloat PROTO;writeST(0)to consoleinfloating-pointformatWriteHex PROTO;writehexadecimal integer to output WriteHexB PROTO;writehexadecimal integerinword or doublewordformatWriteInt PROTO;writesigned integer to output;WriteStackFrame;writestack frame data(James Brink--see proto laterinthisfile);WriteStackFrameName;writestack frame data with proc name(James Brink)WriteString PROTO;writenull-terminated string to output WriteToFile PROTO;writea buffer to an outputfileWriteWindowsMsg PROTO;writelast error message generated by MS-Windows;call32lib.asm INCLUDE Irvine32.inc .data filename BYTE"newfile.txt",0 array DWORD1,2,3,4,5,6,7,8,9,0Ah,0Bh .code main PROC;==========等待,清屏===========;call Crlf;call Clrscr;call WaitMsg;"Press any key...";===========创建新文件==========;mov edx, OFFSET filename;call CreateOutputFile;=============暂停2秒=========;mov eax,2000;2秒;call Delay;============产生十六进制形式显示内存一段数据===;mov esi, OFFSET array;mov ecx, LENGTHOF array;mov ebx, TYPE array;call DumpMem;=========十六进制形式显示寄存器和EFLAGS内容===;CALL DumpRegs INVOKE ExitProcess,0main ENDP END mainINCLUDE Irvine32.inc;加密密钥 KEY=5.data;待加密数组 array DWORD1,2,3,4,5,6,7,8,9,0Ah,0Bh;提示信息 msgBefore BYTE"加密前数组:",0 msgAfter BYTE"加密后数组:",0 .code main PROC;==========显示加密前数组==========mov edx, OFFSET msgBefore call WriteString call Crlf mov esi, OFFSET array;数组首地址 mov ecx, LENGTHOF array;数组长度(循环次数) call PrintArray;调用打印数组过程;==========调用加密过程==========mov esi, OFFSET array;传递数组首地址 mov ecx, LENGTHOF array;传递数组长度 call Encrypt;调用加密过程(无直接参数,通过寄存器传参);==========显示加密后数组==========mov edx, OFFSET msgAfter call WriteString call Crlf mov esi, OFFSET array mov ecx, LENGTHOF array call PrintArray;退出程序 INVOKE ExitProcess,0main ENDP;==========自定义加密过程(异或加密)==========;输入:ESI=数组首地址,ECX=数组长度;功能:对DWORD数组每个元素异或KEY加密 Encrypt PROC push esi;保护寄存器(可选) push ecx EncryptLoop: xor DWORD PTR[esi], KEY;数组元素异或密钥addesi,4;下一个DWORD元素(4字节) loop EncryptLoop pop ecx pop esi ret Encrypt ENDP;==========辅助:打印DWORD数组==========;输入:ESI=数组首地址,ECX=数组长度 PrintArray PROC push esi push ecx PrintLoop: mov eax,[esi];取当前元素 call WriteDec;打印十进制数 mov al,' ';空格分隔 call WriteCharaddesi,4;下一个元素 loop PrintLoop call Crlf;换行 pop ecx pop esi ret PrintArray ENDP END main========================加密前数组:1234567891011加密后数组:476103213121514INCLUDE Irvine32.inc .data cmdTail BYTE129DUP(0);空缓冲区 .code main PROC mov edx, OFFSET cmdTail call GetCommandTail;填充缓冲区 INVOKE ExitProcess,0 main ENDP ———————————————— 原文链接:https://blog.csdn.net/chenyijun/article/details/148927787核心结论
cmdTail BYTE 129 DUP(0) 的内存布局规则:
0x00406038 是 cmdTail 的起始地址;
从 0x00406038 开始,连续占用 129 个字节的内存空间(这 129 字节就是 129 DUP(0) 对应的内容);
这些字节会「紧挨着」起始地址向后排布,没有间隔。
结合你的截图验证
从内存 2 窗口能看到:
起始地址 0x00406038 开始,前几个字节存储了 file1.txt file2.txt(ASCII 码:66 69 6C 65 31 2E 74 78 74 20 66 69 6C 65 32 2E 74 78 74);
后续字节直到 0x00406038 + 128(因为从 0 开始计数,129 字节的最后一个地址是 0x00406038 + 128 = 0x004060B9),全部填充为 00(对应 DUP(0) 的初始化值)。
直观的地址范围
cmdTail 的完整内存范围:
起始地址:0x00406038
结束地址:0x00406038 + 128 = 0x004060B9
这之间的 129 个字节,就是 129 DUP(0) 对应的全部内容(即使前半部分被赋值为 file1.txt file2.txt,未赋值的部分仍保留初始值 00)。
补充说明
DUP(0) 是汇编的「重复初始化」语法:
129 DUP(0) 表示「连续分配 129 个字节,每个字节初始值为 0」;
程序运行时如果给前 N 个字节赋值(比如写入 file1.txt file2.txt),剩余的 129 - N 个字节仍保持 00,但它们依然属于 cmdTail 的内存空间,且紧挨着已赋值的部分。
简单总结:129 DUP(0) 的内容就是从 0x00406038 开始,向后连续 129 个字节的区域,没有任何空隙。
