“call __isoc99_sscanf”如何工作?

时间:2014-03-18 19:42:27

标签: assembly x86

我很确定命令行上的输入参数应该是一个字符串,但是在执行“call __isoc99_sscanf”之后,eax 寄存器的值为 0。我不清楚“call __isoc99_sscanf”究竟是如何工作的,但我知道栈上的内容是这样排列的:

.LC1    |    V EAX

.LC1 是 "Input:%s";在执行“call __isoc99_sscanf”之前,eax 的值为 33,并且在内存中保存着一个字符串。那么,在什么情况下调用 __isoc99_sscanf 的结果会是 1?

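  # String constants used by main (GAS, AT&T syntax, 32-bit x86).
  # NOTE(review): GCC normally emits string constants into .rodata; this
  # listing keeps them after .text exactly as posted.
  .code32
.file   "mystery.c"
.text
# .LC0: message printed when the argument count is wrong.
# The label must be spelled with the digit zero: main loads $.LC0, so the
# posted spelling ".LCO" (letter O) left that reference unresolved.
.LC0:
.string "Incorrect number of command line arguments given"
# .LC1: sscanf format - the literal prefix "Input:" followed by a single %s
# conversion, so sscanf can report at most one assigned item.
.LC1:
.string "Input:%s"
.align 4
# .LC2: message printed when sscanf does not return 1.
.LC2:
.string "Incorrect format for command line argument"
# .LC3: printf format for the final result.
.LC3:
.string "Output: \"%s\"\n"
.text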
 #-----------------------------------------------------------------------
 # main - compiler output for mystery.c (32-bit x86, AT&T syntax).
 # Arguments to every callee are stored on the stack at (%esp), 4(%esp), ...
 # Frame:  8(%ebp)  = argument count (compared with 2 below)
 #         12(%ebp) = pointer to the argument vector
 #         28(%esp) = local: pointer returned by malloc
 # Flow:   argc check -> strlen(argv[1]) -> malloc(5 * len)
 #         -> sscanf(argv[1], .LC1, buf) -> foo(buf)
 #         -> printf(.LC3, buf) -> free(buf)
 # Return: %eax = 1 on both error paths; the success path loads no explicit
 #         return value before leave/ret.
 #-----------------------------------------------------------------------
 .globl main
.type   main, @function
 main:
pushl   %ebp
movl    %esp, %ebp
# Round %esp down to a 16-byte boundary, then reserve 32 bytes for the
# outgoing call arguments and the local at 28(%esp).
andl    $-16, %esp
subl    $32, %esp
# Exactly one command line argument is required (count == 2).
cmpl    $2, 8(%ebp)
je  .L18
# Wrong argument count: print the message and return 1.
# The symbol referenced here must resolve to .LC0 (digit zero).
movl    $.LC0, (%esp)
call    puts
movl    $1, %eax
jmp .L19
.L18:
# %eax = argv[1] (second entry of the argument vector).
movl    12(%ebp), %eax
addl    $4, %eax
movl    (%eax), %eax
movl    %eax, (%esp)
call    strlen
# %eax = len * 4 + len = 5 * strlen(argv[1]); this is the allocation size.
movl    %eax, %edx
movl    %edx, %eax
sall    $2, %eax
addl    %edx, %eax
movl    %eax, (%esp)
call    malloc
# NOTE(review): the malloc result is stored without a NULL check, so a
# failed allocation would be handed to sscanf as the %s destination.
movl    %eax, 28(%esp)
# Build the call sscanf(argv[1], "Input:%s", buf):
#   (%esp)  = argv[1]  (string to parse)
#   4(%esp) = .LC1     (format)
#   8(%esp) = buf      (destination for %s)
movl    $.LC1, %edx
movl    12(%ebp), %eax
addl    $4, %eax
movl    (%eax), %eax
movl    28(%esp), %ecx
movl    %ecx, 8(%esp)
movl    %edx, 4(%esp)
movl    %eax, (%esp)
# sscanf returns in %eax the number of conversions matched and assigned.
# With one %s, the result is 1 only when argv[1] starts with "Input:" and
# at least one non-whitespace character follows; a prefix mismatch gives 0
# and running out of input before the conversion gives EOF (-1).
# The %s has no field width: the copy stays in bounds only because the
# source is argv[1] itself and buf holds 5 * strlen(argv[1]) bytes.
call    __isoc99_sscanf
cmpl    $1, %eax
je  .L20
# Format mismatch: print the message and return 1.
# NOTE(review): buf is not freed on this path.
movl    $.LC2, (%esp)
call    puts
movl    $1, %eax
jmp .L19

 .L20:
# foo(buf): foo is defined outside this listing. Presumably it rewrites the
# string in place and the 5x allocation leaves room for that - confirm
# against foo's definition.
movl    28(%esp), %eax
movl    %eax, (%esp)
call    foo
# printf("Output: \"%s\"\n", buf)
movl    $.LC3, %eax
movl    28(%esp), %edx
movl    %edx, 4(%esp)
movl    %eax, (%esp)
call    printf
# free(buf); %eax is not reloaded afterwards, so main's return value on
# the success path is whatever the call to free left in %eax.
movl    28(%esp), %eax
movl    %eax, (%esp)
call    free
jmp .L17
# Common exit for the error paths (.L19) and the success path (.L17).
.L19:
.L17:
leave
ret
.size   main, .-main
.ident  "GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-4)"
# Empty .note.GNU-stack section: marks this object as not needing an
# executable stack.
.section    .note.GNU-stack,"",@progbits

2 个答案:

答案 0 :(得分:0)

我认为这会有所帮助:

   man scanf:

       These  functions  return the number of input items successfully matched
   and assigned, which can be fewer than provided for, or even zero in the
   event of an early matching failure.

答案 1 :(得分:-1)

基本上,它返回成功匹配并赋值的输入项个数。如果输入的是“1 4”这样的两个数字并且都被成功读取,返回值寄存器 %rax 会被设置为 2(本题是 32 位代码,对应的寄存器是 %eax)。