没有合适的资源?快使用搜索试试~ 我知道了~
首页Windows Debugging Practical Foundation
资源详情
资源评论
资源推荐
Table of Contents
Copyright................................................................................................................................ 1
Dedication............................................................................................................................ 10
Preface.................................................................................................................................. 12
Acknowledgements............................................................................................................... 14
About the Author.................................................................................................................. 16
Chapter 1. Memory, Registers and Simple Arithmetic........................................................... 18
Section 1.1. Memory and Registers inside an Idealized Computer............................................................................................................................................... 18
Section 1.2. Memory and Registers inside Intel 32-bit PC............................................................................................................................................................ 19
Section 1.3. "Arithmetic" Project: Memory Layout and Registers............................................................................................................................................... 20
Section 1.4. "Arithmetic" Project: A Computer Program.............................................................................................................................................................. 21
Section 1.5. "Arithmetic" Project: Assigning Numbers to Memory Locations............................................................................................................................. 22
Section 1.6. Assigning Numbers to Registers............................................................................................................................................................................... 24
Section 1.7. "Arithmetic" Project: Adding Numbers to Memory Cells......................................................................................................................................... 25
Section 1.8. Incrementing/Decrementing Numbers in Memory and Registers.......................................................................................................................... 27
Section 1.9. Multiplying Numbers................................................................................................................................................................................................. 29
Section 1.10. Multiplication and Registers.................................................................................................................................................................................... 31
Chapter 2. Debug and Release Binaries................................................................................. 32
Section 2.1. "Arithmetic" Project: C/C++ Program...................................................................................................................................................................... 32
Section 2.2. Downloading and Configuring WinDbg Debugger................................................................................................................................................... 33
Section 2.3. WinDbg Disassembly Output – Debug Executable.................................................................................................................................................. 35
Section 2.4. WinDbg Disassembly Output – Release Executable................................................................................................................................................ 42
Chapter 3. Number Representations..................................................................................... 44
Section 3.1. Numbers and Their Representations........................................................................................................................................................................ 44
Section 3.2. Decimal Representation (Base Ten)......................................................................................................................................................................... 45
Section 3.3. Ternary Representation (Base Three)....................................................................................................................................................................... 46
Section 3.4. Binary Representation (Base Two)........................................................................................................................................................................... 47
Section 3.5. Hexadecimal Representation (Base Sixteen)............................................................................................................................................................ 48
Section 3.6. Why Hexadecimals are used?................................................................................................................................................................................... 49
Chapter 4. Pointers............................................................................................................... 52
Section 4.1. A Definition................................................................................................................................................................................................................ 52
Section 4.2. "Pointers" Project: Memory Layout and Registers................................................................................................................................................... 53
Section 4.3. "Pointers" Project: Calculations................................................................................................................................................................................ 54
Section 4.4. Using Pointers to Assign Numbers to Memory Cells................................................................................................................................................ 55
Section 4.5. Adding Numbers Using Pointers.............................................................................................................................................................................. 62
Section 4.6. Multiplying Numbers Using Pointers....................................................................................................................................................................... 65
Chapter 5. Bytes, Words and Double Words......................................................................... 70
Section 5.1. Using Hexadecimal Numbers.................................................................................................................................................................................... 70
Section 5.2. Byte Granularity......................................................................................................................................................................................................... 71
Section 5.3. Bit Granularity........................................................................................................................................................................................................... 72
Section 5.4. Memory Layout.......................................................................................................................................................................................................... 73
Chapter 6. Pointers to Memory............................................................................................. 76
Section 6.1. Pointers Revisited...................................................................................................................................................................................................... 76
Section 6.2. Addressing Types....................................................................................................................................................................................................... 77
Section 6.3. Registers Revisited.................................................................................................................................................................................................... 83
Section 6.4. NULL Pointers.......................................................................................................................................................................................................... 84
Section 6.5. Invalid Pointers......................................................................................................................................................................................................... 85
Section 6.6. Variables as Pointers................................................................................................................................................................................................. 86
Section 6.7. Pointer Initialization................................................................................................................................................................................................. 87
Section 6.8. Note: Initialized and Uninitialized Data.................................................................................................................................................................. 88
Section 6.9. More Pseudo Notation.............................................................................................................................................................................................. 89
Section 6.10. "MemoryPointers" Project: Memory Layout.......................................................................................................................................................... 90
Chapter 7. Logical Instructions and EIP................................................................................ 98
Section 7.1. Instruction Format..................................................................................................................................................................................................... 98
Section 7.2. Logical Shift Instructions.......................................................................................................................................................................................... 99
Section 7.3. Logical Operations................................................................................................................................................................................................... 100
Section 7.4. Zeroing Memory or Registers.................................................................................................................................................................................. 101
Section 7.5. Instruction Pointer................................................................................................................................................................................................... 102
Section 7.6. Note: Code Section................................................................................................................................................................................................... 103
Chapter 8. Reconstructing a Program with Pointers........................................................... 106
Section 8.1. Example of Disassembly Output: No Optimization................................................................................................................................................ 106
Section 8.2. Reconstructing C/C++ Code: Part 1........................................................................................................................................................................ 109
Section 8.3. Reconstructing C/C++ Code: Part 2........................................................................................................................................................................ 111
Section 8.4. Reconstructing C/C++ Code: Part 3........................................................................................................................................................................ 112
Section 8.5. Reconstructing C/C++ Code: C/C++ program........................................................................................................................................................ 113
Section 8.6. Example of Disassembly Output: Optimized Program........................................................................................................................................... 114
Windows Debugging: Practical Foundations. Windows Debugging: Practical Foundations, ISBN: 9781906717100
Prepared for ronggang.yu@microsoft.com, Ronggang Yu
Copyright © 2009 Dmitry Vostokov. This download file is made available for personal use only and is subject to the Terms of Service. Any other use requires prior written consent from the
copyright owner. Unauthorized use, reproduction and/or distribution are strictly prohibited and violate applicable laws. All rights reserved.
Chapter 9. Memory and Stacks............................................................................................ 116
Section 9.1. Stack: A Definition.................................................................................................................................................................................................... 116
Section 9.2. Stack Implementation in Memory........................................................................................................................................................................... 117
Section 9.3. Things to Remember................................................................................................................................................................................................ 119
Section 9.4. PUSH Instruction.................................................................................................................................................................................................... 120
Section 9.5. POP instruction........................................................................................................................................................................................................ 121
Section 9.6. Register Review....................................................................................................................................................................................................... 122
Section 9.7. Application Memory Simplified............................................................................................................................................................................... 123
Section 9.8. Stack Overflow......................................................................................................................................................................................................... 124
Section 9.9. Jumps....................................................................................................................................................................................................................... 126
Section 9.10. Calls........................................................................................................................................................................................................................ 128
Section 9.11. Call Stack................................................................................................................................................................................................................ 130
Section 9.12. Exploring Stack in WinDbg.................................................................................................................................................................................... 132
Chapter 10. Frame Pointer and Local Variables.................................................................. 136
Section 10.1. Stack Usage............................................................................................................................................................................................................. 136
Section 10.2. Register Review...................................................................................................................................................................................................... 137
Section 10.3. Addressing Array Elements................................................................................................................................................................................... 138
Section 10.4. Stack Structure (No Function Parameters)........................................................................................................................................................... 139
Section 10.5. Raw Stack (No Local Variables and Function Parameters).................................................................................................................................. 140
Section 10.6. Function Prolog...................................................................................................................................................................................................... 141
Section 10.7. Function Epilog...................................................................................................................................................................................................... 142
Section 10.8. "Local Variables" Project....................................................................................................................................................................................... 143
Section 10.9. Disassembly of Optimized Executable (Release Configuration).......................................................................................................................... 148
Section 10.10. Advanced Topic: FPO........................................................................................................................................................................................... 149
Chapter 11. Function Parameters........................................................................................ 150
Section 11.1. "FunctionParameters" Project................................................................................................................................................................................ 150
Section 11.2. Stack Structure........................................................................................................................................................................................................ 151
Section 11.3. Stack Structure with FPO....................................................................................................................................................................................... 153
Section 11.4. Function Prolog and Epilog.................................................................................................................................................................................... 155
Section 11.5. Project Disassembled Code with Comments.......................................................................................................................................................... 156
Section 11.6. Release Build with FPO Enabled............................................................................................................................................................................ 161
Section 11.7. Cdecl Calling Convention........................................................................................................................................................................................ 162
Section 11.8. Parameter Mismatch Problem............................................................................................................................................................................... 163
Chapter 12. More Instructions............................................................................................. 164
Section 12.1. CPU Flags Register................................................................................................................................................................................................. 164
Section 12.2. The Fastest Way to Fill Memory............................................................................................................................................................................ 165
Section 12.3. Testing for 0............................................................................................................................................................................................................ 167
Section 12.4. TEST - Logical Compare........................................................................................................................................................................................ 168
Section 12.5. CMP – Compare Two Operands............................................................................................................................................................................ 169
Section 12.6. TEST or CMP?........................................................................................................................................................................................................ 170
Section 12.7. Conditional Jumps.................................................................................................................................................................................................. 171
Section 12.8. The Structure of Registers...................................................................................................................................................................................... 172
Section 12.9. Function Return Value........................................................................................................................................................................................... 173
Section 12.10. Using Byte Registers............................................................................................................................................................................................. 174
Chapter 13. Function Pointer Parameters............................................................................ 176
Section 13.1. "FunctionPointerParameters" Project.................................................................................................................................................................... 176
Section 13.2. Commented Disassembly....................................................................................................................................................................................... 177
Section 13.3. Dynamic Addressing of Local Variables................................................................................................................................................................ 180
Chapter 14. Summary of Code Disassembly Patterns........................................................... 182
Section 14.1. Function Prolog / Epilog........................................................................................................................................................................................ 182
Section 14.2. Passing Parameters................................................................................................................................................................................................ 183
Section 14.3. LEA (Load Effective Address)................................................................................................................................................................................ 184
Section 14.4. Accessing Parameters and Local Variables........................................................................................................................................................... 185
Windows Debugging: Practical Foundations. Windows Debugging: Practical Foundations, ISBN: 9781906717100
Prepared for ronggang.yu@microsoft.com, Ronggang Yu
Copyright © 2009 Dmitry Vostokov. This download file is made available for personal use only and is subject to the Terms of Service. Any other use requires prior written consent from the
copyright owner. Unauthorized use, reproduction and/or distribution are strictly prohibited and violate applicable laws. All rights reserved.
2
Published by OpenTask, Republic of Ireland
Copyright © 2009 by Dmitry Vostokov
All rights reserved. No part of this book may be reproduced, stored in a re-
trieval system, or transmitted, in any form or by any means, without the
prior written permission of the publisher.
You must not circulate this book in any other binding or cover and you must
impose the same condition on any acquirer.
OpenTask books are available through booksellers and distributors world-
wide. For further information or comments send requests to:
press@opentask.com
Microsoft, MSDN, Visual C++, Visual Studio, Win32, Windows, Windows
Server and Windows Vista are registered trademarks of Microsoft
Corporation. Other product and company names mentioned in this book may
be trademarks of their owners.
A CIP catalogue record for this book is available from the British Library.
ISBN-13: 978-1-906717-10-0 (Paperback)
ISBN-13: 978-1-906717-67-4 (Hardback)
First printing, 2009
Revision 2.0
Windows Debugging: Practical Foundations. Windows Debugging: Practical Foundations, ISBN: 9781906717100
Prepared for ronggang.yu@microsoft.com, Ronggang Yu
Copyright © 2009 Dmitry Vostokov. This download file is made available for personal use only and is subject to the Terms of Service. Any other use requires prior written consent from the
copyright owner. Unauthorized use, reproduction and/or distribution are strictly prohibited and violate applicable laws. All rights reserved.
3
Summary of Contents
Preface ............................................................................................................ 13
Acknowledgements ......................................................................................... 15
About the Author ............................................................................................ 17
Chapter 1: Memory, Registers and Simple Arithmetic .................................. 19
Chapter 2: Debug and Release Binaries ......................................................... 33
Chapter 3: Number Representations .............................................................. 45
Chapter 4: Pointers......................................................................................... 53
Chapter 5: Bytes, Words and Double Words .................................................. 71
Chapter 6: Pointers to Memory ...................................................................... 77
Chapter 7: Logical Instructions and EIP ........................................................ 99
Chapter 8: Reconstructing a Program with Pointers ................................... 107
Chapter 9: Memory and Stacks .................................................................... 117
Chapter 10: Frame Pointer and Local Variables .......................................... 137
Chapter 11: Function Parameters ................................................................ 151
Chapter 12: More Instructions ..................................................................... 165
Chapter 13: Function Pointer Parameters ................................................... 177
Chapter 14: Summary of Code Disassembly Patterns ................................. 183
Index ............................................................. Error! Bookmark not defined.
Windows Debugging: Practical Foundations. Windows Debugging: Practical Foundations, ISBN: 9781906717100
Prepared for ronggang.yu@microsoft.com, Ronggang Yu
Copyright © 2009 Dmitry Vostokov. This download file is made available for personal use only and is subject to the Terms of Service. Any other use requires prior written consent from the
copyright owner. Unauthorized use, reproduction and/or distribution are strictly prohibited and violate applicable laws. All rights reserved.
Licensed by
Ronggang Yu
2265753
剩余187页未读,继续阅读
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0