据说是美国最“怪”C程序大赛的获奖程序
/*
 * Obfuscated one-liner whose net effect is printf("%six\n", "un"),
 * i.e. it prints "unix" followed by a newline.
 *
 * It leans on two facts:
 *   - a[b] is defined as *(a + b), so 1["have"] is the same as "have"[1].
 *   - `unix` is not declared anywhere in this snippet. The constants in the
 *     accompanying gcc -S listing ($.LC1+1 and $97) show it was replaced by
 *     the integer 1, which matches the macro GCC predefines on Unix-like
 *     targets in its GNU dialect modes. Under a strict ISO mode (-ansi,
 *     -std=c11) that macro is absent and this does not compile.
 *
 * NOTE(review): no #include <stdio.h> is shown on the page, so printf is
 * used without a visible prototype.
 */
int main()
{
/*
 * First argument: &unix["\021%six\012\0"] == &"\021%six\012\0"[1], the
 * address of the second byte of the literal. That skips the leading \021,
 * leaving the format string "%six\n" (\012 is newline).
 *
 * Second argument: (unix)["have"] is "have"[1] == 'a' (0x61 in ASCII), so
 * the expression is 0x61 + "fun" - 0x60, a net offset of 1 into "fun",
 * i.e. the string "un". The result depends on an ASCII execution charset.
 *
 * NOTE(review): evaluated left to right, 0x61 + "fun" is a pointer far past
 * the 4-byte array before 0x60 is subtracted; C only defines pointer
 * arithmetic within (or one past) the array, so this is formally undefined
 * behaviour even though the listing shows it compiled to a net +1.
 * The format string is reached through pointer arithmetic rather than being
 * written as a plain literal, so it has to be resolved by hand to confirm
 * it carries exactly one %s matching the single string argument.
 */
printf(&unix["\021%six\012\0"], (unix)["have"] + "fun" - 0x60);
}
gcc -S编译成汇编代码如下:
# gcc -S output (32-bit x86, AT&T syntax) for the obfuscated main above.
# It shows what the C expression boils down to: printf(.LC1 + 1, .LC0 + 1).
.file "test.c"
# Read-only data: the two string literals from the source.
.section .rodata
.LC0:
.string "fun"
.LC1:
# "\021%six\n" with its NUL, then an empty string contributing one more NUL:
# together these are the explicit \0 and the implicit terminator of the literal.
.string "\021%six\n"
.string ""
.text
.globl main
.type main,@function
main:
# Standard frame setup.
pushl %ebp
movl %esp, %ebp
# Reserve 8 bytes, then round %esp down to a 16-byte boundary.
subl $8, %esp
andl $-16, %esp
# Subtracts zero from %esp: no effect (unoptimized output).
movl $0, %eax
subl %eax, %esp
# 8 bytes of padding; with the two 4-byte pushes below this makes the
# 16 bytes released by "addl $16, %esp" after the call.
subl $8, %esp
# Second printf argument: address of "fun", minus 0x60 (96), plus 97.
# 97 is 'a', the value of (unix)["have"] with unix == 1. Net result: "fun" + 1 = "un".
movl $.LC0, %eax
subl $96, %eax
addl $97, %eax
pushl %eax
# First printf argument: the format literal with its first byte (\021)
# skipped, i.e. "%six\n".
pushl $.LC1+1
call printf
addl $16, %esp
# No instruction sets %eax after the call, so main returns whatever printf
# left there (the source has no return statement).
leave
ret
# End-of-function label and symbol size for main.
.Lfe1:
.size main,.Lfe1-main
# Empty flags (no "x"): the GNU convention for marking that this object does
# not require an executable stack.
.section .note.GNU-stack,"",@progbits
Ïà¹ØÎĵµ£º
Author: Scurffybear Date: 2009.09.08
最近在招新人，下面是一道C的面试题，面试的印度人中，没有一个人做对，我粗看了一下题，在没有看答案前，我自己也做错了，嗯，是的，没啥不好意思的，我觉得这个题目很容易使人产生误解，又或者择Ｃ有深厚功底的人能躲过这一个障眼法？
以下是题目，
main()
{
char * ......
c变成的对象大多是共享内存中申请，比较少用malloc直接来申请，所以链表设计一般是下面2中结构：
对象 --> 对象 --> 对象
对象 -->链表对象-->对象 -->链表对象
（1）对于第一种，链表直接关联到对象本身，所以如果一个对象在消亡时，没有及时清理掉链表关系，则会导致链表掉链。
（2）链表对象本身是一 ......
在C语言里全局变量如果不初始化的话，默认为0，也就是说在全局空间里
int x =0; 跟 int x; 的效果看起来是一样的。但其实这里面的差别很大，强烈建议大家所有的全局变量都要初始化，他们的主要差别如下：
编译器在编译的时候针对这两种情况会产生两种符号放在目标文件的符号表中，对于初始化的，叫强符号，未初始化的 ......
转自：http://blog.csdn.net/Lambol_8309/archive/2009/09/06/4524453.aspx
曾经碰到过让你迷惑不解、类似于int * (* (*fp1) (int) ) [10];这样的变量声明吗？本文将由易到难，一步一步教会你如何理解这种复杂的C/C++声明。
　　我们将从每天都能碰到的较简单的声明入手，然后逐步加入const修饰符和typedef，还有函数指针 ......