1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
| public phase_6 .text:00000000004010F4 phase_6 proc near ; CODE XREF: main+126↑p .text:00000000004010F4 .text:00000000004010F4 input= dword ptr -78h .text:00000000004010F4 var_60= byte ptr -60h .text:00000000004010F4 var_58= qword ptr -58h .text:00000000004010F4 var_50= byte ptr -50h .text:00000000004010F4 var_28= byte ptr -28h .text:00000000004010F4 .text:00000000004010F4 ; __unwind { .text:00000000004010F4 000 push r14 .text:00000000004010F6 008 push r13 .text:00000000004010F8 010 push r12 .text:00000000004010FA 018 push rbp .text:00000000004010FB 020 push rbx .text:00000000004010FC 028 sub rsp, 50h ; Integer Subtraction .text:0000000000401100 078 mov r13, rsp .text:0000000000401103 078 mov rsi, rsp .text:0000000000401106 078 call read_six_numbers ; Call Procedure .text:0000000000401106 .text:000000000040110B 078 mov r14, rsp .text:000000000040110E 078 mov r12d, 0 .text:000000000040110E .text:0000000000401114 .text:0000000000401114 loc_401114: ; CODE XREF: phase_6+5D↓j .text:0000000000401114 078 mov rbp, r13 ; 返回处偏移加了4 .text:0000000000401117 078 mov eax, [r13+0] .text:000000000040111B 078 sub eax, 1 ; 输入的第一个数字减1 .text:000000000040111E 078 cmp eax, 5 ; 小于5 .text:0000000000401121 078 jbe short loc_401128 ; Jump if Below or Equal (CF=1 | ZF=1) .text:0000000000401121 .text:0000000000401123 078 call explode_bomb ; Call Procedure .text:0000000000401123 .text:0000000000401128 ; --------------------------------------------------------------------------- .text:0000000000401128 .text:0000000000401128 loc_401128: ; CODE XREF: phase_6+2D↑j .text:0000000000401128 078 add r12d, 1 ; Add .text:000000000040112C 078 cmp r12d, 6 ; 控制循环,共6次 .text:0000000000401130 078 jz short loc_401153 ; Jump if Zero (ZF=1) .text:0000000000401130 .text:0000000000401132 078 mov ebx, r12d .text:0000000000401132 .text:0000000000401135 .text:0000000000401135 loc_401135: ; CODE XREF: phase_6+57↓j .text:0000000000401135 078 movsxd rax, ebx ; Move with Sign-Extend Doubleword .text:0000000000401138 078 mov eax, [rsp+rax*4] .text:000000000040113B 078 cmp [rbp+0], eax ; 依次比较,判断每个输入都不同 .text:000000000040113E 078 jnz short loc_401145 ; 不相等就跳转 .text:000000000040113E .text:0000000000401140 078 call explode_bomb ; Call Procedure .text:0000000000401140 .text:0000000000401145 ; --------------------------------------------------------------------------- .text:0000000000401145 .text:0000000000401145 loc_401145: ; CODE XREF: phase_6+4A↑j .text:0000000000401145 078 add ebx, 1 ; 控制循环,共6次 .text:0000000000401148 078 cmp ebx, 5 ; Compare Two Operands .text:000000000040114B 078 jle short loc_401135 ; Jump if Less or Equal (ZF=1 | SF!=OF) .text:000000000040114B .text:000000000040114D 078 add r13, 4 ; 向下偏移4个字节,取后面输入数字 .text:0000000000401151 078 jmp short loc_401114 ; 返回处偏移加了4 .text:0000000000401151 .text:0000000000401153 ; --------------------------------------------------------------------------- .text:0000000000401153 .text:0000000000401153 loc_401153: ; CODE XREF: phase_6+3C↑j .text:0000000000401153 078 lea rsi, [rsp+24] ; Load Effective Address .text:0000000000401158 078 mov rax, r14 .text:000000000040115B 078 mov ecx, 7 .text:000000000040115B .text:0000000000401160 .text:0000000000401160 loc_401160: ; CODE XREF: phase_6+79↓j .text:0000000000401160 078 mov edx, ecx ; 7 .text:0000000000401160 ; 把ecx的值给edx .text:0000000000401162 078 sub edx, [rax] ; Integer Subtraction .text:0000000000401164 078 mov [rax], edx ; 7 - 每一位输入,将其结果替换为输入的数字中 .text:0000000000401166 078 add rax, 4 ; 输入数字向下取一位 .text:000000000040116A 078 cmp rax, rsi ; 判断是否处理完输入的6个数字 .text:000000000040116D 078 jnz short loc_401160 ; 7 .text:000000000040116D ; 把ecx的值给edx .text:000000000040116D .text:000000000040116F 078 mov esi, 0 .text:0000000000401174 078 jmp short loc_401197 ; Jump .text:0000000000401174 .text:0000000000401176 ; --------------------------------------------------------------------------- .text:0000000000401176 .text:0000000000401176 loc_401176: ; CODE XREF: phase_6+8B↓j .text:0000000000401176 ; phase_6+B5↓j .text:0000000000401176 078 mov rdx, [rdx+8] ; node1向下偏移8字节 .text:000000000040117A 078 add eax, 1 ; Add .text:000000000040117D 078 cmp eax, ecx ; 找到对应数字所对应的node .text:000000000040117F 078 jnz short loc_401176 ; node1向下偏移8字节 .text:000000000040117F .text:0000000000401181 078 jmp short loc_401188 ; 存储对应node数据 .text:0000000000401181 ; 将node进行保存到输入中, .text:0000000000401181 ; 每次偏移两个单位,当好去除掉了空格 .text:0000000000401181 .text:0000000000401183 ; --------------------------------------------------------------------------- .text:0000000000401183 .text:0000000000401183 loc_401183: ; CODE XREF: phase_6+A9↓j .text:0000000000401183 078 mov edx, offset node1 .text:0000000000401183 .text:0000000000401188 .text:0000000000401188 loc_401188: ; CODE XREF: phase_6+8D↑j .text:0000000000401188 078 mov [rsp+rsi*2+32], rdx ; 存储对应node数据 .text:0000000000401188 ; 将node进行保存到输入中, .text:0000000000401188 ; 每次偏移两个单位,当好去除掉了空格 .text:000000000040118D 078 add rsi, 4 ; Add .text:0000000000401191 078 cmp rsi, 18h ; 循环6次 .text:0000000000401195 078 jz short loc_4011AB ; Jump if Zero (ZF=1) .text:0000000000401195 .text:0000000000401197 .text:0000000000401197 loc_401197: ; CODE XREF: phase_6+80↑j .text:0000000000401197 078 mov ecx, [rsp+rsi] .text:000000000040119A 078 cmp ecx, 1 ; 取减完后的每一项与1进行比较 .text:000000000040119D 078 jle short loc_401183 ; 不等于往左,等于往右 .text:000000000040119D .text:000000000040119F 078 mov eax, 1 .text:00000000004011A4 078 mov edx, offset node1 ; 将node1地址给edx .text:00000000004011A9 078 jmp short loc_401176 ; node1向下偏移8字节 .text:00000000004011A9 .text:00000000004011AB ; --------------------------------------------------------------------------- .text:00000000004011AB .text:00000000004011AB loc_4011AB: ; CODE XREF: phase_6+A1↑j .text:00000000004011AB 078 mov rbx, [rsp+32] .text:00000000004011B0 078 lea rax, [rsp+40] ; Load Effective Address .text:00000000004011B5 078 lea rsi, [rsp+80] ; 将rsi置0 .text:00000000004011BA 078 mov rcx, rbx .text:00000000004011BA .text:00000000004011BD .text:00000000004011BD loc_4011BD: ; CODE XREF: phase_6+DC↓j .text:00000000004011BD 078 mov rdx, [rax] .text:00000000004011C0 078 mov [rcx+8], rdx ; rcx对应node起始地址 .text:00000000004011C4 078 add rax, 8 ; Add .text:00000000004011C8 078 cmp rax, rsi ; 判断是否循环完毕 .text:00000000004011CB 078 jz short loc_4011D2 ; Jump if Zero (ZF=1) .text:00000000004011CB .text:00000000004011CD 078 mov rcx, rdx .text:00000000004011D0 078 jmp short loc_4011BD ; Jump .text:00000000004011D0 .text:00000000004011D2 ; --------------------------------------------------------------------------- .text:00000000004011D2 .text:00000000004011D2 loc_4011D2: ; CODE XREF: phase_6+D7↑j .text:00000000004011D2 078 mov qword ptr [rdx+8], 0 .text:00000000004011DA 078 mov ebp, 5 .text:00000000004011DA .text:00000000004011DF .text:00000000004011DF loc_4011DF: ; CODE XREF: phase_6+101↓j .text:00000000004011DF 078 mov rax, [rbx+8] ; 将node中的数据段给rax .text:00000000004011E3 078 mov eax, [rax] .text:00000000004011E5 078 cmp [rbx], eax ; 比较后一项和前一项的大小 .text:00000000004011E7 078 jge short loc_4011EE ; 后一项的数据小于前一项时跳转 .text:00000000004011E7 .text:00000000004011E9 078 call explode_bomb ; Call Procedure .text:00000000004011E9 .text:00000000004011EE ; --------------------------------------------------------------------------- .text:00000000004011EE .text:00000000004011EE loc_4011EE: ; CODE XREF: phase_6+F3↑j .text:00000000004011EE 078 mov rbx, [rbx+8] .text:00000000004011F2 078 sub ebp, 1 ; Integer Subtraction .text:00000000004011F5 078 jnz short loc_4011DF ; 将node中的数据段给rax .text:00000000004011F5 .text:00000000004011F7 078 add rsp, 50h ; Add .text:00000000004011FB 028 pop rbx .text:00000000004011FC 020 pop rbp .text:00000000004011FD 018 pop r12 .text:00000000004011FF 010 pop r13 .text:0000000000401201 008 pop r14 .text:0000000000401203 000 retn ; Return Near from Procedure .text:0000000000401203 ; } // starts at 4010F4
|