作者姓名:马文晓 作者单位:北京信息科技大学软件工程研究中心
电话:64872151,86655772 email:mawenxiao@biti.edu.cn
题目: 发现用版本10_w32dasm.exe调试由如下c文件编译成的rpl_t22u.exe时出现错误(把搜索结果重定向到普通文件f,仍然显示STDOUT>f;不通过w32dasm而直接运行并选定pry_rpl功能(输入3),就能在f中得到位移结果src_bias_ 00000000:) 命令行参数:rpl_t22u.exe nul rpl_t22u.exe>f (用vc6编译此c文件时,打开内联选项/ob1)
源文件: #include <io.h> #include <conio.h> #include <stdio.h> #include <locale.h> #include <stdlib.h> #include <string.h> #include <sys/stat.h>
/* Key code compared against the value returned by _getch()/_getche() to
 * detect Ctrl-C (ASCII 3); the usage text refers to it as "^c". */
#define CTL_C 3
/* Size in bytes of the scratch buffer RANK.pad declared in main(). */
#define PAD_SZ 32
/*
 * k4_open(a,m): open the file named by av[a] with fopen mode m, store the
 * stream in ptr_FILE[a], and call err_shut(a) if fopen returns NULL.
 *
 * The macro relies on `ptr_FILE` and `av` being visible at the call site.
 * It expands to a complete if-statement that already ends in ';', which is
 * why call sites are written without a trailing semicolon.  Because the
 * expansion is a bare `if`, an `else` written directly after a call would
 * bind to the macro's `if`, so it must not be placed immediately before one.
 * av[a] is passed to fopen unmodified; a "wb" mode truncates whatever file
 * the argument names.
 */
#define k4_open(a,m) if(NULL==(ptr_FILE[a]=fopen(av[a],m)))err_shut(a);
/*
 * err_shut: common exit path of the program.
 *
 * e - number of the command-line argument that caused the failure, or 0
 *     for a normal shutdown.
 *
 * When e is non-zero, "\narg<e>:<strerror(errno)>" is written to stdout.
 * All open streams are then closed with _fcloseall() and the process exits.
 *
 * Notes for callers:
 *  - The exit status is 0 on the error path too, so a calling script
 *    cannot tell failure from success by the exit code.
 *  - The message goes to stdout, not stderr; when stdout is redirected
 *    the text ends up in the redirected file.
 *  - Author's note: _strerror(NULL) gives the same text plus a line break.
 */
void err_shut(char e)
{
    if (e != 0) {
        const char *reason = strerror(errno);

        printf("\narg%d:%s", e, reason);
    }

    _fcloseall();
    exit(0);
}
/*
 * File-scope scratch storage used by calloc_old_raw() and main().
 * The two members share the same bytes: storing to fractn destroys the
 * pointer held in old_raw, and vice versa.  main() copies old_raw into
 * another variable before it writes fractn.
 */
union{
    float fractn;      /* source size as a float, used for percentages */
    char *old_raw;     /* buffer allocated by calloc_old_raw() or set by main() */
}OLD;
/*
 * calloc_old_raw: allocate n zero-filled bytes and publish the buffer in
 * OLD.old_raw.
 *
 * a - argument number handed to err_shut() when the allocation fails.
 * n - number of bytes requested.
 *
 * The previous value of OLD.old_raw is overwritten without being freed.
 *
 * Author's build notes: do not compile with /Zl.  With /Ob1 the body is
 * expanded at the call site; without it the compiler emits an ordinary
 * call sequence (push 1 for sizeof(char); mov eax,n; push eax;
 * call _calloc; add esp,8).
 */
__inline void calloc_old_raw(char a, int n)
{
    char *zeroed = calloc(n, sizeof(char));

    OLD.old_raw = zeroed;
    if (zeroed == NULL)
        err_shut(a);
}
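/*
 * main: multi-mode byte utility selected by the argument count and by one
 * key read from the console.
 *
 *   ac < 2, or av[1] is empty   exit silently.
 *   ac == 2                     print a byte-frequency table of av[1] to
 *                               stdout and exit.
 *   otherwise av[2] is opened for writing ("wb", truncating it) and a key
 *   selects the mode:
 *     '0'  read av[1] as pairs of hex digits and write the decoded bytes;
 *     '3'  search av[1] for the contents of av[3]; with five arguments
 *          optionally replace matches by the contents of av[4];
 *     '2'  convert av[1] with mbstowcs() and write it behind an FF FE header;
 *     '1'  skip one wchar_t of av[1], convert the rest with wcstombs();
 *     any other key exits.
 *
 * Every path ends in err_shut(), which closes all streams and exits.
 *
 * The %x conversions below are given unsigned long / long arguments; that
 * matches only where long and int have the same size (the author builds
 * with VC6).
 *
 * NOTE(review): file sizes come from _stat() and are trusted by the fread()
 * calls that follow; fread() return values are mostly unchecked, so a file
 * that shrinks between the two calls leaves part of a buffer uninitialised.
 */
void main(int ac,char *av[])
{
    FILE *ptr_FILE[5];              /* ptr_FILE[i] is the stream for av[i] */
    char *src_and_old;              /* search window followed by old/new data */
    union{
        char *new_raw;              /* replacement bytes (mode '3') */
        unsigned long ul;           /* size parsed from av[4] */
        unsigned long *ptr_ul;      /* cursor into the frequency table */
    }New;
    _off_t old_sz,bean;
    union{
        char pad[PAD_SZ];           /* author's tag: rplhznet_rd */
        struct _stat stat;          /* overlaps pad: same bytes */
    }RANK;
    union{
        unsigned long ul;
        wchar_t *ptr_wchar;
    }T22U;
    char use;                       /* selected mode / last key / small counts */

    /* Usage banner.  The source spelled it as one literal with
     * backslash-newline continuations; adjacent literals concatenate to the
     * same text. */
    fprintf(stderr,
        "src(use_3:arg3_old_detail[&arg4_new];if 2=argc:STDOUT_char_freqency)"
        "aim(<-[0,ff]16*16_scr_blk,if old=new)pry_rpl:3;text_format->unicode:2;<-:1;"
        "trim_rplhznet.exe`rpl`mode_clip_cp->550d0a..56->U0d0aV:0;TTY<-[0,ff]ASCII&"
        "arg4 is [1~4G)%%x->(aim_sz=arg4&_detail<-[0-9A-B])if \"type nul>old\";^c:future_act_close:");

    if(ac<2)_exit(0);
    if(_stat(av[1],&RANK.stat))err_shut(1);
    if(!RANK.stat.st_size)_exit(0);

    k4_open(1,"rb")

    /* ---- ac == 2: byte-frequency table of av[1] ---- */
    if(2==ac){
        T22U.ul=(unsigned long)RANK.stat.st_size;
        fprintf(stderr,"\nsrc_sz:%#x...\n",T22U.ul);

        /* 256 counters, one per byte value.  Author's note: with /Ob1 the
         * helper is inlined (push 1 / push 1024 / call _calloc), otherwise
         * _calloc_old_raw is called with the same two values. */
        calloc_old_raw(1,16*16*sizeof(unsigned long));

        for(;;){
            use=fread(RANK.pad,sizeof(char),PAD_SZ,ptr_FILE[1]);/* items read, at most PAD_SZ */
            if(!use)break;
            for(ac=0;ac!=use;ac++){
                /* Index with the byte as unsigned char.  Where plain char is
                 * signed, bytes 0x80..0xFF would otherwise produce a negative
                 * index and the increment would land in front of the table,
                 * outside the allocation. */
                New.ptr_ul=(unsigned long*)(OLD.old_raw
                    +sizeof(unsigned long)*(unsigned char)RANK.pad[ac]);
                *New.ptr_ul=1+*New.ptr_ul;
            }
        }

        /* Keep the table address in New.ptr_ul: writing OLD.fractn overwrites
         * OLD.old_raw because both are members of the same union. */
        New.ptr_ul=(unsigned long*)OLD.old_raw;
        OLD.fractn=(float)T22U.ul;

        /* use is 0 here (the read loop ended on a zero count); it now acts as
         * "stop printing details" once Ctrl-C has been pressed. */
        for(ac=0;ac!=256;ac++,New.ptr_ul++){
            if(!ac||*New.ptr_ul>T22U.ul){
                bean=ac;                /* most frequent byte so far */
                T22U.ul=*New.ptr_ul;    /* its count */
            }
            if(!use){
                if(!(ac%4))printf("%#x-%#x:\n",ac,ac+3);
                printf("%# 8x,%%=%.2f;",*New.ptr_ul,(*New.ptr_ul/OLD.fractn)*100);
                if(3==(ac%4)){
                    /* Row prompt goes to stderr so it stays visible when
                     * stdout is redirected. */
                    fprintf(stderr,"row %x ",ac-3);
                    if(CTL_C==_getch())use++;
                    printf("\n");
                }
            }
        }
        printf("1st_most:%.2f%% at ASCII_%#x",(T22U.ul/OLD.fractn)*100,bean);
        err_shut(0);
    }

    k4_open(2,"wb")
    use=_getche();

    /* ---- '0': hex text -> bytes ---- */
    if('0'==use){
        /* Author's note: input looks like 3535306430613536 in a debugger
         * dump.  pad[2] terminates each two-digit string for strtol(). */
        RANK.pad[2]=0;
        for(;;){
            if(!fread(RANK.pad,sizeof(char),2,ptr_FILE[1]))err_shut(0);
            if(RANK.pad[0]!=13){    /* pairs starting with CR are skipped */
                /* strtol() stores its end pointer in av[0]; the parsed value
                 * is parked in st_size, which shares storage with pad, and
                 * only its first byte is written out. */
                RANK.stat.st_size=strtol(RANK.pad,av,16);
                fwrite(&RANK.stat.st_size,sizeof(char),1,ptr_FILE[2]);
            }
        }
    }

    /* ---- '3': search av[1] for av[3], optionally replace with av[4] ---- */
    if('3'==use){
        if(4==ac){
            if(_isatty(_fileno(stdout))){
                /* Search-only mode reports offsets on stdout and refuses to
                 * run while stdout is still a character device. */
                fprintf(stderr,"\nSTDOUT>f");
                err_shut(0);
            }else
                use='n';            /* search only: never replace */
        }else if(5!=ac)
            err_shut(0);

        if(_stat(av[3],&RANK.stat))err_shut(3);
        if(!(old_sz=RANK.stat.st_size)){
            /* Empty pattern file: show the character set, then write av[4]
             * (a hex size) bytes of "0123456789ABCDEF" filler to av[2]. */
            int has_arg4=(5==ac);   /* taken before ac is reused as a counter */

            for(ac=0;ac!=256;ac++){ /* author's tag: MS_specific:4_byte */
                fprintf(stderr,"\n%02x:",ac);
                _putch(ac);
                if(CTL_C==_getche())break;
            }

            /* With four arguments av[4] is the NULL that terminates argv, so
             * it must not reach strtoul(); the size is then taken as 0.
             * Author's note: strtoul() returns ULONG_MAX (4G-1) for 4G. */
            New.ul=has_arg4?strtoul(av[4],av,16):0;
            if(New.ul){
                for(use='0';use<='9';use++)
                    RANK.pad[use-'0']=RANK.pad[PAD_SZ/2+use-'0']=use;
                for(use='A';use<='F';use++)
                    RANK.pad[10+use-'A']=RANK.pad[PAD_SZ/2+10+use-'A']=use;
            }
            printf("\narg4_strtoul_fact_return=%x",New.ul);
            while(New.ul){
                use=PAD_SZ;
                if(New.ul<PAD_SZ)use=(unsigned char)New.ul;
                fwrite(RANK.pad,sizeof(char),use,ptr_FILE[2]);
                New.ul-=use;
            }
            err_shut(0);
        }

        if(4==ac)
            RANK.stat.st_size=0;    /* no replacement file */
        else if(_stat(av[4],&RANK.stat))err_shut(4);

        /* One allocation: [window: old_sz][old: old_sz][new: st_size].
         * NOTE(review): 2*old_sz+st_size is computed in _off_t; with very
         * large files the sum can wrap and the buffer would be smaller than
         * the reads below assume. */
        src_and_old=malloc((1+1)*old_sz+RANK.stat.st_size);
        if(NULL==src_and_old)err_shut(3);
        OLD.old_raw=src_and_old+old_sz;

        k4_open(3,"rb")
        fread(OLD.old_raw,sizeof(char),old_sz,ptr_FILE[3]);
        fclose(ptr_FILE[3]);
        /* From here on ptr_FILE[3] is only a flag: non-zero unless old and
         * new are byte-for-byte identical.  The stream itself is closed. */

        if(RANK.stat.st_size){
            New.new_raw=OLD.old_raw+old_sz;
            k4_open(4,"rb")
            fread(New.new_raw,sizeof(char),RANK.stat.st_size,ptr_FILE[4]);
            fclose(ptr_FILE[4]);
            if(!(old_sz-RANK.stat.st_size)&&!memcmp(OLD.old_raw,New.new_raw,old_sz))
                ptr_FILE[3]=0;
        }

        /* 's' selects a case-sensitive compare; the key is kept in av[0][0].
         * Author's tag: scanf:98!=2k */
        fprintf(stderr,"\ns(ensitive_case)");
        *av[0]=_getche();
        if(CTL_C==*av[0])err_shut(0);
        fprintf(stderr,"\n");

        for(;;){
            bean=fread(src_and_old,sizeof(char),old_sz,ptr_FILE[1]);
            if(bean!=old_sz){
                /* Fewer than old_sz bytes left: finish up and exit. */
                if(5==ac){
                    if(ptr_FILE[3]){
                        if(bean)
                            fwrite(src_and_old,sizeof(char),bean,ptr_FILE[2]);
                    }else
                        /* old == new: emit 256 blocks of 256 bytes, block i
                         * filled with byte value i. */
                        for(ac=0;ac!=16*16;ac++){
                            if(ac)
                                memset(OLD.old_raw,ac,16*16);
                            else
                                calloc_old_raw(2,16*16);
                            fwrite(OLD.old_raw,sizeof(char),16*16,ptr_FILE[2]);
                        }
                }
                err_shut(0);
            }

            if(('s'==*av[0]&&memcmp(src_and_old,OLD.old_raw,old_sz))
               ||('s'!=*av[0]&&_memicmp(src_and_old,OLD.old_raw,old_sz))){
                /* No match here: move the window forward by one byte and,
                 * when replacing, copy that byte through. */
                if(old_sz>1)
                    fseek(ptr_FILE[1],1-old_sz,SEEK_CUR);
                if(5==ac&&ptr_FILE[3])
                    fwrite(src_and_old,sizeof(char),1,ptr_FILE[2]);
            }else{
                /* Match.  'N' / 'Y' answer for all later matches, so the
                 * offset is no longer printed and no key is read. */
                if('N'!=use&&'Y'!=use){
                    printf("src_bias_%#10.8x:",ftell(ptr_FILE[1])-old_sz);
                    if(5==ac){
                        fprintf(stderr,"rpl(n(o_now)|y(es_now)|No,Yes(from now on))");
                        use=_getche();
                        if(CTL_C==use)err_shut(0);
                    }
                }
                if(ptr_FILE[3]){
                    if('Y'==use||'y'==use)
                        fwrite(New.new_raw,sizeof(char),RANK.stat.st_size,ptr_FILE[2]);
                    else if(5==ac)
                        fwrite(src_and_old,sizeof(char),old_sz,ptr_FILE[2]);
                }
                if('N'!=use&&'Y'!=use)
                    printf("\n");
            }
        }
    }

    /* ---- '2' / '1': text conversion; RANK.stat still describes av[1] ---- */
    if('2'==use){
        /* One extra zeroed byte: mbstowcs() needs a terminated input. */
        calloc_old_raw(1,RANK.stat.st_size+sizeof(char));
        fread(OLD.old_raw,sizeof(char),RANK.stat.st_size,ptr_FILE[1]);
        T22U.ptr_wchar=malloc(RANK.stat.st_size*2);
        if(NULL==T22U.ptr_wchar)err_shut(1);
        /* Result: number of characters converted before the terminator,
         * or -1 on an invalid sequence. */
        RANK.stat.st_size=mbstowcs(T22U.ptr_wchar,OLD.old_raw,RANK.stat.st_size);
    }else if('1'==use){
        /* A file shorter than the header would make the size negative and
         * turn it into a huge unsigned count for fread() and malloc(). */
        if(RANK.stat.st_size<(_off_t)sizeof(wchar_t))err_shut(0);
        fseek(ptr_FILE[1],sizeof(wchar_t),SEEK_SET);    /* skip the header */
        RANK.stat.st_size-=sizeof(wchar_t);
        /* One extra zeroed wchar_t: wcstombs() needs a terminated input. */
        T22U.ptr_wchar=calloc(RANK.stat.st_size+sizeof(wchar_t),sizeof(char));
        if(NULL==T22U.ptr_wchar)err_shut(1);
        fread(T22U.ptr_wchar,sizeof(char),RANK.stat.st_size,ptr_FILE[1]);
        OLD.old_raw=malloc(RANK.stat.st_size);
        if(NULL==OLD.old_raw)err_shut(1);
        RANK.stat.st_size=wcstombs(OLD.old_raw,T22U.ptr_wchar,RANK.stat.st_size);
    }else
        err_shut(0);

    /* NOTE(review): the locale is switched to the OEM code page only here,
     * after mbstowcs()/wcstombs() have already run; confirm that the
     * conversions are meant to use the start-up locale. */
    printf("\nlocale.code_page:%s",setlocale(LC_CTYPE,".OCP"));

    if(RANK.stat.st_size!=-1){
        if('2'==use){
            /* FF FE header.  The format ends after the second %c; a lone
             * trailing '%' is not a valid conversion specification. */
            fprintf(ptr_FILE[2],"%c%c",255,254);
            /* *2 assumes a two-byte wchar_t, as does the malloc above. */
            fwrite(T22U.ptr_wchar,sizeof(char),RANK.stat.st_size*2,ptr_FILE[2]);
        }else
            fwrite(OLD.old_raw,sizeof(char),RANK.stat.st_size,ptr_FILE[2]);
    }else
        printf("\nuse_%c_convert_err",use);

    err_shut(0);
}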
附件下载:http://bbs.itqoo.com/viewthread.php?tid=6945&page=1&extra=page%3D1#pid7369
| 原始作者:马文晓 |
录入时间:2007-2-1 14:18:37 |