如何正确调用汇编中的64位Windows API [英] How To Properly call 64 Bit Windows API In Assembly
问题描述
使用NASM和Mingw-w64,我一直在尝试运行以下程序,该程序应该使用Windows API在屏幕上显示消息.它可以运行,但是控制台上没有任何显示,并且导致对内存位置的无效访问(错误代码0x3e6h).为什么会这样,如何使程序正常运行?
Using NASM and Mingw-w64 I've been trying to run the following program which is supposed to print a message to the screen using the Windows API. It runs, but nothing shows on the console and it results in an invalid access to memory location (error code 0x3e6h). Why is that, and how can I get the program to run properly?
global main
extern ExitProcess
extern GetStdHandle
extern WriteFile
section .text
main:
mov rcx, 0fffffff5h
call GetStdHandle
mov rcx, rax
mov rdx, NtlpBuffer
mov r8, NtnNBytesToWrite
mov r9, NtlpNBytesWritten
mov dword [rsp - 04h], 00h
call WriteFile
ExitProgram:
mov rcx, 00h
call ExitProcess
section .data
NtlpBuffer: db 'Hello, World!', 00h
NtnNBytesToWrite: dd 0eh
section .bss
NtlpNBytesWritten: resd 01h
编译者
nasm -f win64 test.asm
gcc -s -o test.exe test.obj
推荐答案
[rsp-04h]在堆栈指针下面寻址,这是一个坏主意.无论您写什么内容,都将被call覆盖.
看起来您需要重新了解有关调用约定的知识.必须为寄存器中的4个参数分配阴影空间,并且必须在它们之上放置其他参数.
[rsp-04h] is addressing below the stack pointer, that's a bad idea. Whatever you write there will be overwritten by the call anyway.
Looks like you need to brush up on your knowledge of the calling convention. Shadow space for the 4 arguments in registers have to be allocated and further arguments must be placed on top of them.
另外,要写入的字节数应该是实际的数字,而不是指针.
Also, the number of bytes to write should be the actual number, not a pointer.
global main
extern GetStdHandle
extern WriteFile
section .text
main:
mov rcx, 0fffffff5h
call GetStdHandle
mov rcx, rax
mov rdx, NtlpBuffer
mov r8, [NtnNBytesToWrite]
mov r9, NtlpNBytesWritten
sub rsp, 40
mov dword [rsp + 32], 00h
call WriteFile
add rsp, 40
ExitProgram:
xor eax, eax
ret
section .data
NtlpBuffer: db 'Hello, World!', 00h
NtnNBytesToWrite: dq 0eh
section .bss
NtlpNBytesWritten: resd 01h
这篇关于如何正确调用汇编中的64位Windows API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
