我正在努力理解课程作业"二进制炸弹实验"(binary bomb lab)的这个阶段。我看出需要 2 个以上的输入才能让函数正常通过,但再往后就变得非常混乱了。
这是第3阶段的汇编代码:
// phase_3 (gdb disassembly, AT&T syntax: op src, dst).
// Parses the input line with sscanf into three stack slots, then uses the
// first value as an index into a jump table (a compiled switch). Each case
// loads one expected byte into %eax and checks the value at 0xc(%rsp) against
// one constant; the common tail at <+307> checks the byte at 0x7(%rsp).
// Stack slots: 0x8(%rsp) = first int, 0x7(%rsp) = one byte, 0xc(%rsp) = second int.
// Every direct branch in this listing targets a higher address, so no loop is
// visible; the first input only selects which case's constants are checked.
// The listing stops at <+318>; the return instruction is not shown.
0x0000000000400ff7 <+0>: sub $0x18,%rsp // reserve 0x18 bytes of stack for the parsed values
0x0000000000400ffb <+4>: lea 0xc(%rsp),%r8 // sscanf arg 5: address of the second int slot
0x0000000000401000 <+9>: lea 0x7(%rsp),%rcx // sscanf arg 4: address of the single-byte slot
0x0000000000401005 <+14>: lea 0x8(%rsp),%rdx // sscanf arg 3: address of the first int slot
0x000000000040100a <+19>: mov $0x402776,%esi // sscanf arg 2: format string address; contents not shown here (presumably "%d %c %d" - confirm with x/s 0x402776)
0x000000000040100f <+24>: mov $0x0,%eax // variadic call: no vector-register arguments
0x0000000000401014 <+29>: callq 0x400cb0 <__isoc99_sscanf@plt> // parse the input string; %eax = number of items converted
0x0000000000401019 <+34>: cmp $0x2,%eax // compare the converted-item count with 2
0x000000000040101c <+37>: jg 0x401023 <phase_3+44> // continue only if more than 2 items were converted (signed compare)
0x000000000040101e <+39>: callq 0x401741 <explode_bomb> // too few items parsed
0x0000000000401023 <+44>: cmpl $0x7,0x8(%rsp) // range check on the first int before it is used as a table index
0x0000000000401028 <+49>: ja 0x401120 <phase_3+297> // unsigned "above": values greater than 7, and negative values, go to the explode path
0x000000000040102e <+55>: mov 0x8(%rsp),%eax // %eax = first int (0..7 at this point)
0x0000000000401032 <+59>: jmpq *0x402790(,%rax,8) // indirect jump through a table of 8-byte addresses at 0x402790, indexed by the first int
// NOTE(review): the table contents are not shown; the case blocks below presumably
// map to indexes 0..7 in order - confirm with x/8gx 0x402790.
0x0000000000401039 <+66>: mov $0x75,%eax // case block: expected byte for this case
0x000000000040103e <+71>: cmpl $0x18d,0xc(%rsp) // second int must equal this case's constant
0x0000000000401046 <+79>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x000000000040104c <+85>: callq 0x401741 <explode_bomb> // mismatch
0x0000000000401051 <+90>: mov $0x75,%eax // reached only if explode_bomb returns: reload the expected byte
0x0000000000401056 <+95>: jmpq 0x40112a <phase_3+307>
0x000000000040105b <+100>: mov $0x68,%eax // next case block, same pattern: expected byte
0x0000000000401060 <+105>: cmpl $0xd0,0xc(%rsp) // expected second int for this case
0x0000000000401068 <+113>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x000000000040106e <+119>: callq 0x401741 <explode_bomb>
0x0000000000401073 <+124>: mov $0x68,%eax
0x0000000000401078 <+129>: jmpq 0x40112a <phase_3+307>
0x000000000040107d <+134>: mov $0x79,%eax // next case block: expected byte
0x0000000000401082 <+139>: cmpl $0x2fd,0xc(%rsp) // expected second int for this case
0x000000000040108a <+147>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x0000000000401090 <+153>: callq 0x401741 <explode_bomb>
0x0000000000401095 <+158>: mov $0x79,%eax
0x000000000040109a <+163>: jmpq 0x40112a <phase_3+307>
0x000000000040109f <+168>: mov $0x68,%eax // next case block: expected byte
0x00000000004010a4 <+173>: cmpl $0x3da,0xc(%rsp) // expected second int for this case
0x00000000004010ac <+181>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x00000000004010ae <+183>: callq 0x401741 <explode_bomb>
0x00000000004010b3 <+188>: mov $0x68,%eax
0x00000000004010b8 <+193>: jmp 0x40112a <phase_3+307>
0x00000000004010ba <+195>: mov $0x71,%eax // next case block: expected byte
0x00000000004010bf <+200>: cmpl $0x375,0xc(%rsp) // expected second int for this case
0x00000000004010c7 <+208>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x00000000004010c9 <+210>: callq 0x401741 <explode_bomb>
0x00000000004010ce <+215>: mov $0x71,%eax
0x00000000004010d3 <+220>: jmp 0x40112a <phase_3+307>
0x00000000004010d5 <+222>: mov $0x77,%eax // next case block: expected byte
0x00000000004010da <+227>: cmpl $0x53,0xc(%rsp) // expected second int for this case
0x00000000004010df <+232>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x00000000004010e1 <+234>: callq 0x401741 <explode_bomb>
0x00000000004010e6 <+239>: mov $0x77,%eax
0x00000000004010eb <+244>: jmp 0x40112a <phase_3+307>
0x00000000004010ed <+246>: mov $0x62,%eax // next case block: expected byte
0x00000000004010f2 <+251>: cmpl $0x67,0xc(%rsp) // expected second int for this case
0x00000000004010f7 <+256>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x00000000004010f9 <+258>: callq 0x401741 <explode_bomb>
0x00000000004010fe <+263>: mov $0x62,%eax
0x0000000000401103 <+268>: jmp 0x40112a <phase_3+307>
0x0000000000401105 <+270>: mov $0x61,%eax // last case block: expected byte
0x000000000040110a <+275>: cmpl $0xd7,0xc(%rsp) // expected second int for this case
0x0000000000401112 <+283>: je 0x40112a <phase_3+307> // match: go to the common byte check
0x0000000000401114 <+285>: callq 0x401741 <explode_bomb>
0x0000000000401119 <+290>: mov $0x61,%eax
0x000000000040111e <+295>: jmp 0x40112a <phase_3+307>
0x0000000000401120 <+297>: callq 0x401741 <explode_bomb> // target of the range check at <+49>: first int out of range
0x0000000000401125 <+302>: mov $0x77,%eax // reached only if explode_bomb returns
0x000000000040112a <+307>: cmp 0x7(%rsp),%al // common tail: compare the parsed byte with the expected byte held in %al
0x000000000040112e <+311>: je 0x401135 <phase_3+318> // bytes match: skip the explosion
0x0000000000401130 <+313>: callq 0x401741 <explode_bomb> // byte mismatch
0x0000000000401135 <+318>: add $0x18,%rsp // release the 0x18-byte stack area reserved at <+0>
我为代码的数量道歉,但我不熟悉汇编,我真的很难理解循环的位置以及此代码正在执行的功能。
编辑:我看了一会儿,终于发现输入应该是"int char int"的形式。另外,代码之所以这么长,是因为另外两个输入所需的值会随第一个 int 输入的取值而变化。我现在面临的主要问题是,我无法真正弄清第一个输入是如何用于生成其他输入的。