malloc的汇编代码 [英] Assembly code of malloc

问题描述

我想查看 malloc()， calloc()和 free()的汇编代码，但是当我打印汇编代码时在radare2上，它为我提供了以下代码:

I want to view the assembly code of malloc(), calloc() and free() but when I print the assembly code on radare2 it gives me the following code:

push rbp                 
mov rbp, rsp
sub rsp, 0x10
mov eax, 0xc8            
mov edi, eax             
call sym.imp.malloc      
xor ecx, ecx
mov qword [local_8h], rax
mov eax, ecx
add rsp, 0x10
pop rbp
ret

如何查看 sym.imp.malloc 功能代码?有什么办法可以查看代码或网站可以查看程序集吗?

How can I see sym.imp.malloc function code? Is there any way to see the code or any website to see the assembly?

推荐答案

由于libc是开放源代码库，因此它是免费提供的，您只需阅读源代码即可.
malloc的源代码可在线上许多地方获得(示例)，然后您可以在 malloc/malloc.c

Since libc is an open-source library, it is freely available and you can simply read the source code.
The source-code of malloc is available on many places online (example), and you can view the source of different versions of libc under malloc/malloc.c here.

符号 sym.imp.malloc 是如何在PLT(过程链接表)中而不是函数本身中标记 malloc 的地址的方法.

The symbol sym.imp.malloc is how radare flags the address of malloc in the PLT (Procedure Linkage Table) and not the function itself.

可以通过几种方式读取函数的汇编:

使用radare2打开本地的libc库，尝试进行malloc，分析该函数，然后取消打印:

Open your local libc library with radare2, seek to malloc, analyze the function and then print its disassmbly:

$ r2 /usr/lib/libc.so.6
[0x00020630]> s sym.malloc
[0x0007c620]> af
[0x0007c620]> pdf

如果要在链接到另一个二进制文件时看到 malloc ，则需要以 debug模式打开二进制文件，然后转到 main 使其加载库，然后搜索 malloc 的地址，进行查找，分析函数并打印反汇编:

If you want to see malloc when linked to another binary you need to open the binary in debug mode, then step to main to make it load the library, then search for the address of malloc, seek to it, analyze the function and print the disassembly:

$ r2 -d /bin/ls
Process with PID 20540 started...
= attach 20540 20540
bin.baddr 0x00400000
Using 0x400000
Assuming filepath /bin/ls
asm.bits 64
[0x7fa764841d80]> dcu main
Continue until 0x004028b0 using 1 bpsize
hit breakpoint at: 4028b0
[0x004028b0]> dmi libc malloc~name=malloc$
vaddr=0x7fa764315620 paddr=0x0007c620 ord=4162 fwd=NONE sz=388 bind=LOCAL type=FUNC name=malloc
vaddr=0x7fa764315620 paddr=0x0007c620 ord=5225 fwd=NONE sz=388 bind=LOCAL type=FUNC name=malloc
vaddr=0x7fa764315620 paddr=0x0007c620 ord=5750 fwd=NONE sz=388 bind=GLOBAL type=FUNC name=malloc
vaddr=0x7fa764315620 paddr=0x0007c620 ord=7013 fwd=NONE sz=388 bind=GLOBAL type=FUNC name=malloc
[0x004028b0]> s 0x7fa764315620
[0x7fa764315620]> af
[0x7fa764315620]> pdf

这篇关于malloc的汇编代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！