如果AL最初由AL组成并被0x00减去,则0xc5的最终值是什么?
代码:
asm3:
push ebp // Base pointer load (Prolong)
mov ebp,esp // Stack loading (Prolong)
mov eax,0xb6 // [00 00 00 b6]
xor al,al <--- Value of AL is 0
mov ah,BYTE PTR [ebp+0x8]
sal ax,0x10
sub al,BYTE PTR [ebp+0xf] <--- This is of doubt [ebp+0xf] is 0xc5 a
add ah,BYTE PTR [ebp+0xd]
xor ax,WORD PTR [ebp+0x12]
mov esp, ebp
pop ebp
ret
如前所述,AL的值为0x00,我们将[ebp+0xf]作为0xc5。那么,如果用AL减去0xc5的新值呢?
是0xC5的两个补码,即0x3B吗?
答案 0 :(得分:1)
是正确的。从零减去0xC5产生0xC5,0x3B的二进制补码:
section .data
sys_exit: equ 60
section .text
global _start
_start: nop
xor al, al
sub al, 0xC5
nop ; al = 0x3B
mov al, 0xC5
neg al
nop ; al = 0x3B
mov rax, sys_exit
xor rdi, rdi
syscall