Urgent! Looking for an expert!

zhouyujt 2011-07-05 02:57:08
I want to obtain some information from another process. My preliminary judgement is that this information is kept in the other process as a linked-list structure. I then traced into the target process to the module that handles this information; below is the disassembly:
043DCE30 /$ 56 PUSH ESI
043DCE31 |. 8BF1 MOV ESI,ECX
043DCE33 |. 33D2 XOR EDX,EDX
043DCE35 |. 3996 84180400 CMP DWORD PTR DS:[ESI+41884],EDX
043DCE3B |. 75 04 JNZ SHORT bcgame.043DCE41
043DCE3D |. 32C0 XOR AL,AL
043DCE3F |. 5E POP ESI
043DCE40 |. C3 RETN
043DCE41 |> 53 PUSH EBX
043DCE42 |. 55 PUSH EBP
043DCE43 |. 8DAE 305A0100 LEA EBP,DWORD PTR DS:[ESI+15A30]
043DCE49 |. 57 PUSH EDI
043DCE4A |. B9 112B0000 MOV ECX,2B11
043DCE4F |. 33C0 XOR EAX,EAX
043DCE51 |. 8BFD MOV EDI,EBP
043DCE53 |. 8D5E 04 LEA EBX,DWORD PTR DS:[ESI+4]
043DCE56 |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE58 |. B9 112B0000 MOV ECX,2B11
043DCE5D |. 8BFB MOV EDI,EBX
043DCE5F |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE61 |. B9 112B0000 MOV ECX,2B11
043DCE66 |. 8DBE 48AC0000 LEA EDI,DWORD PTR DS:[ESI+AC48]
043DCE6C |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE6E |. 8DBE 74060200 LEA EDI,DWORD PTR DS:[ESI+20674]
043DCE74 |. B9 112B0000 MOV ECX,2B11
043DCE79 |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE7B |. 8DBE B8B20200 LEA EDI,DWORD PTR DS:[ESI+2B2B8]
043DCE81 |. B9 112B0000 MOV ECX,2B11
043DCE86 |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE88 |. 8DBE FC5E0300 LEA EDI,DWORD PTR DS:[ESI+35EFC]
043DCE8E |. B9 112B0000 MOV ECX,2B11
043DCE93 |. F3:AB REP STOS DWORD PTR ES:[EDI]
043DCE95 |. 8B86 081C0400 MOV EAX,DWORD PTR DS:[ESI+41C08]
043DCE9B |. 8996 90180400 MOV DWORD PTR DS:[ESI+41890],EDX
043DCEA1 |. 3BC2 CMP EAX,EDX
043DCEA3 |. 8996 8C180400 MOV DWORD PTR DS:[ESI+4188C],EDX
043DCEA9 |. 8996 88180400 MOV DWORD PTR DS:[ESI+41888],EDX
043DCEAF |. 8996 94180400 MOV DWORD PTR DS:[ESI+41894],EDX
043DCEB5 |. 7E 60 JLE SHORT bcgame.043DCF17
043DCEB7 |. 8D8E 8C580100 LEA ECX,DWORD PTR DS:[ESI+1588C]
043DCEBD |. 8BF8 MOV EDI,EAX
043DCEBF |> 8B01 /MOV EAX,DWORD PTR DS:[ECX]
043DCEC1 |. 83F8 01 |CMP EAX,1
043DCEC4 |. 74 45 |JE SHORT bcgame.043DCF0B
043DCEC6 |. 83F8 03 |CMP EAX,3
043DCEC9 |. 7E 05 |JLE SHORT bcgame.043DCED0
043DCECB |. 83F8 07 |CMP EAX,7
043DCECE |. 7C 3B |JL SHORT bcgame.043DCF0B
043DCED0 |> 83F8 02 |CMP EAX,2
043DCED3 |. 74 2E |JE SHORT bcgame.043DCF03
043DCED5 |. 83F8 06 |CMP EAX,6
043DCED8 |. 7E 05 |JLE SHORT bcgame.043DCEDF
043DCEDA |. 83F8 0A |CMP EAX,0A
043DCEDD |. 7C 24 |JL SHORT bcgame.043DCF03
043DCEDF |> 83F8 03 |CMP EAX,3
043DCEE2 |. 74 17 |JE SHORT bcgame.043DCEFB
043DCEE4 |. 83F8 09 |CMP EAX,9
043DCEE7 |. 7E 05 |JLE SHORT bcgame.043DCEEE
043DCEE9 |. 83F8 0D |CMP EAX,0D
043DCEEC |. 7C 0D |JL SHORT bcgame.043DCEFB
043DCEEE |> 83F8 FF |CMP EAX,-1
043DCEF1 |. 75 1E |JNZ SHORT bcgame.043DCF11
043DCEF3 |. FF86 94180400 |INC DWORD PTR DS:[ESI+41894]
043DCEF9 |. EB 16 |JMP SHORT bcgame.043DCF11
043DCEFB |> FF86 88180400 |INC DWORD PTR DS:[ESI+41888]
043DCF01 |. EB 0E |JMP SHORT bcgame.043DCF11
043DCF03 |> FF86 8C180400 |INC DWORD PTR DS:[ESI+4188C]
043DCF09 |. EB 06 |JMP SHORT bcgame.043DCF11
043DCF0B |> FF86 90180400 |INC DWORD PTR DS:[ESI+41890]
043DCF11 |> 83C1 04 |ADD ECX,4
043DCF14 |. 4F |DEC EDI
043DCF15 |.^ 75 A8 \JNZ SHORT bcgame.043DCEBF
043DCF17 |> 8B8E 84180400 MOV ECX,DWORD PTR DS:[ESI+41884]
043DCF1D |. 68 C4323E04 PUSH bcgame.043E32C4
043DCF22 |. 68 84413E04 PUSH bcgame.043E4184 ; ASCII "_root.cmd_Road"
043DCF27 |. E8 44050000 CALL bcgame.043DD470
043DCF2C |. 8D86 8C580100 LEA EAX,DWORD PTR DS:[ESI+1588C]
043DCF32 |. 8BCB MOV ECX,EBX
043DCF34 |. 50 PUSH EAX ; /Arg1
043DCF35 |. E8 E6D0FFFF CALL bcgame.043DA020 ; \bcgame.043DA020
043DCF3A |. 6A 1E PUSH 1E
043DCF3C |. 6A 06 PUSH 6
043DCF3E |. 55 PUSH EBP
043DCF3F |. 8BCB MOV ECX,EBX
043DCF41 |. E8 BAD8FFFF CALL bcgame.043DA800
043DCF46 |. 6A 00 PUSH 0 ; /Arg4 = 00000000
043DCF48 |. 68 E9030000 PUSH 3E9 ; |Arg3 = 000003E9
043DCF4D |. 6A 1E PUSH 1E ; |Arg2 = 0000001E
043DCF4F |. 6A 06 PUSH 6 ; |Arg1 = 00000006
043DCF51 |. 8BCE MOV ECX,ESI ; |
043DCF53 |. E8 D8F7FFFF CALL bcgame.043DC730 ; \bcgame.043DC730
043DCF58 |. 8B8E 400B0400 MOV ECX,DWORD PTR DS:[ESI+40B40]
043DCF5E |. 8B96 440B0400 MOV EDX,DWORD PTR DS:[ESI+40B44]
043DCF64 |. 898E 9C180400 MOV DWORD PTR DS:[ESI+4189C],ECX
043DCF6A |. 55 PUSH EBP ; /Arg1
043DCF6B |. 8BCB MOV ECX,EBX ; |
043DCF6D |. 8996 98180400 MOV DWORD PTR DS:[ESI+41898],EDX ; |
043DCF73 |. E8 18D3FFFF CALL bcgame.043DA290 ; \bcgame.043DA290
043DCF78 |. 6A 1E PUSH 1E
043DCF7A |. 8D86 B8B20200 LEA EAX,DWORD PTR DS:[ESI+2B2B8]
043DCF80 |. 6A 06 PUSH 6
043DCF82 |. 50 PUSH EAX
043DCF83 |. 8BCB MOV ECX,EBX
043DCF85 |. E8 76D8FFFF CALL bcgame.043DA800
043DCF8A |. 6A 00 PUSH 0 ; /Arg4 = 00000000
043DCF8C |. 68 EB030000 PUSH 3EB ; |Arg3 = 000003EB
043DCF91 |. 6A 1E PUSH 1E ; |Arg2 = 0000001E
043DCF93 |. 6A 06 PUSH 6 ; |Arg1 = 00000006
043DCF95 |. 8BCE MOV ECX,ESI ; |
043DCF97 |. E8 94F7FFFF CALL bcgame.043DC730 ; \bcgame.043DC730
043DCF9C |. 8B8E 440B0400 MOV ECX,DWORD PTR DS:[ESI+40B44]
043DCFA2 |. 8B86 400B0400 MOV EAX,DWORD PTR DS:[ESI+40B40]
043DCFA8 |. 898E A0180400 MOV DWORD PTR DS:[ESI+418A0],ECX
043DCFAE |. 55 PUSH EBP ; /Arg1
043DCFAF |. 8BCB MOV ECX,EBX ; |
043DCFB1 |. 8986 A4180400 MOV DWORD PTR DS:[ESI+418A4],EAX ; |
043DCFB7 |. E8 94D4FFFF CALL bcgame.043DA450 ; \bcgame.043DA450
043DCFBC |. 6A 1E PUSH 1E
043DCFBE |. 8D86 74060200 LEA EAX,DWORD PTR DS:[ESI+20674]
043DCFC4 |. 6A 06 PUSH 6
043DCFC6 |. 50 PUSH EAX
043DCFC7 |. 8BCB MOV ECX,EBX
043DCFC9 |. E8 32D8FFFF CALL bcgame.043DA800
043DCFCE |. 6A 00 PUSH 0 ; /Arg4 = 00000000
043DCFD0 |. 68 EA030000 PUSH 3EA ; |Arg3 = 000003EA
043DCFD5 |. 6A 1E PUSH 1E ; |Arg2 = 0000001E
043DCFD7 |. 6A 06 PUSH 6 ; |Arg1 = 00000006
043DCFD9 |. 8BCE MOV ECX,ESI ; |
043DCFDB |. E8 50F7FFFF CALL bcgame.043DC730 ; \bcgame.043DC730
043DCFE0 |. 8B96 400B0400 MOV EDX,DWORD PTR DS:[ESI+40B40]
043DCFE6 |. 8B86 440B0400 MOV EAX,DWORD PTR DS:[ESI+40B44]
043DCFEC |. 55 PUSH EBP ; /Arg1
043DCFED |. 8BCB MOV ECX,EBX ; |
043DCFEF |. 8996 AC180400 MOV DWORD PTR DS:[ESI+418AC],EDX ; |
043DCFF5 |. 8986 A8180400 MOV DWORD PTR DS:[ESI+418A8],EAX ; |
043DCFFB |. E8 20D6FFFF CALL bcgame.043DA620 ; \bcgame.043DA620
043DD000 |. 6A 19 PUSH 19
043DD002 |. 8D86 FC5E0300 LEA EAX,DWORD PTR DS:[ESI+35EFC]
043DD008 |. 6A 06 PUSH 6
043DD00A |. 50 PUSH EAX
043DD00B |. 8BCB MOV ECX,EBX
043DD00D |. E8 EED7FFFF CALL bcgame.043DA800
043DD012 |. 6A 00 PUSH 0 ; /Arg4 = 00000000
043DD014 |. 68 EC030000 PUSH 3EC ; |Arg3 = 000003EC
043DD019 |. 6A 19 PUSH 19 ; |Arg2 = 00000019
043DD01B |. 6A 06 PUSH 6 ; |Arg1 = 00000006
043DD01D |. 8BCE MOV ECX,ESI ; |
043DD01F |. E8 0CF7FFFF CALL bcgame.043DC730 ; \bcgame.043DC730
043DD024 |. 8B8E 400B0400 MOV ECX,DWORD PTR DS:[ESI+40B40]
043DD02A |. 8B96 440B0400 MOV EDX,DWORD PTR DS:[ESI+40B44]
043DD030 |. 898E B4180400 MOV DWORD PTR DS:[ESI+418B4],ECX
043DD036 |. 8996 B0180400 MOV DWORD PTR DS:[ESI+418B0],EDX
043DD03C |. 68 AC303E04 PUSH bcgame.043E30AC ; ASCII "true"
043DD041 |. 8B8E 84180400 MOV ECX,DWORD PTR DS:[ESI+41884]
043DD047 |. 68 98303E04 PUSH bcgame.043E3098 ; ASCII "_root.Cmd_Boolean"
043DD04C |. E8 1F040000 CALL bcgame.043DD470
043DD051 |. 8BCE MOV ECX,ESI
043DD053 |. E8 D8020000 CALL bcgame.043DD330
043DD058 |. 5F POP EDI
043DD059 |. 5D POP EBP
043DD05A |. 5B POP EBX
043DD05B |. B0 01 MOV AL,1
043DD05D |. 5E POP ESI
043DD05E \. C3 RETN

Could an expert help me analyze whether the code above is operating on a linked list? If it is, how do I determine the list head and obtain the pointer to the next element?
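As an added example (not code from the poster or from the program in the listing), the following Python model re-implements the only traversal in the disassembly, the loop at 043DCEBF..043DCF15, so the access pattern can be seen directly. The offsets 0x1588C (array base, LEA ECX), 0x41C08 (element count, MOV EAX) and the four counters 0x41888..0x41894 are taken from the listing; signed comparisons are assumed because the loop uses JLE/JL; the object snapshot is constructed here for the demonstration. What it shows: the cursor advances by a fixed 4 bytes (ADD ECX,4) and a separate counter runs down (DEC EDI), which is an indexed scan over a DWORD array with its length stored in the object; a linked-list walk would instead reload the cursor from a field of the node it just visited.

```python
import struct

# Offsets relative to the object ESI points at, copied from the listing.
ARRAY_OFFSET = 0x1588C   # LEA ECX,DWORD PTR DS:[ESI+1588C]: first DWORD of the array
COUNT_OFFSET = 0x41C08   # MOV EAX,DWORD PTR DS:[ESI+41C08]: number of entries (loop count)
COUNTERS = (0x41890, 0x4188C, 0x41888, 0x41894)  # zeroed before the loop, INC'd inside it


def classify(value):
    """Mirror the CMP/JE/JLE/JL chain at 043DCEC1..043DCEF1.

    Returns the offset of the counter the loop increments for `value`,
    or None when the chain falls through without incrementing anything.
    """
    if value == 1 or 3 < value < 7:        # 1, 4, 5, 6  -> INC [ESI+41890]
        return 0x41890
    if value == 2 or 6 < value < 10:       # 2, 7, 8, 9  -> INC [ESI+4188C]
        return 0x4188C
    if value == 3 or 9 < value < 13:       # 3, 10, 11, 12 -> INC [ESI+41888]
        return 0x41888
    if value == -1:                        # CMP EAX,-1   -> INC [ESI+41894]
        return 0x41894
    return None                            # 0, 13+, other negatives: no counter


def count_categories(obj):
    """Walk the array exactly as the loop does.

    `obj` is a bytes-like snapshot of the object (constructed in build_sample).
    The cursor is ARRAY_OFFSET + 4*i (ADD ECX,4) and the trip count comes from
    [ESI+41C08] (MOV EDI,EAX / DEC EDI), so no per-element 'next' field is read.
    """
    count = struct.unpack_from("<i", obj, COUNT_OFFSET)[0]
    counters = {off: 0 for off in COUNTERS}
    if count <= 0:                         # CMP EAX,EDX / JLE: loop skipped entirely
        return counters
    for i in range(count):
        value = struct.unpack_from("<i", obj, ARRAY_OFFSET + 4 * i)[0]
        target = classify(value)
        if target is not None:
            counters[target] += 1
    return counters


def build_sample(values):
    """Constructed test object: zero-filled, with the array and its count filled in."""
    buf = bytearray(COUNT_OFFSET + 4)
    struct.pack_into("<i", buf, COUNT_OFFSET, len(values))
    for i, v in enumerate(values):
        struct.pack_into("<i", buf, ARRAY_OFFSET + 4 * i, v)
    return bytes(buf)


if __name__ == "__main__":
    sample = build_sample([1, 4, 5, 6, 2, 7, 3, 12, -1, 0, 13, -2])
    for off, n in count_categories(sample).items():
        print(f"[ESI+{off:X}] = {n}")
```

The rest of the function fits the same picture: the six REP STOS blocks each clear 0x2B11 DWORDs (0xAC44 bytes) at fixed offsets from ESI, i.e. contiguous arrays inside one large object, and the later calls pass those array addresses as arguments. Nothing in the listing dereferences a pointer that was itself loaded from an element, which is the signature one would look for before treating the data as a linked list.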
qman007 2011-07-15
This is a dead end.
康斯坦汀 2011-07-05
There is too little code here. Converted to VC++, this assembly is only a few lines, two or three small functions at most.
MoXiaoRab 2011-07-05
Good grief, every program has its own way of defining its data structures.
You dump this whole pile up here; who is going to make anything out of it?
ndy_w 2011-07-05
Doesn't look like it. Lots of global addresses, copying 2b11 bytes... can't be bothered to read further.
呔妖怪来嘛 2011-07-05
Can't understand any of it... just passing by.