指针与数组

Tutorial: C与汇编 Category: C语言 Published: 2026-04-07 13:58:26 Views: 20 Likes: 0 Comments: 0
1. 基本类型传参:值传递
#include <stdio.h>

void plus(int p)    // p is a copy of the caller's argument: int parameters are passed by value
{
    p = p + 1;      // changes only the local copy; the caller's variable is never written
}

int main()          // demo 1: shows that a callee cannot change a by-value int argument
{
    int x = 1;
    plus(x);            // the value of x is passed, not its address
    printf("%d\n", x);  // prints 1: plus() only incremented its own copy
    return 0;
}

// Debugger mixed source/disassembly of main() from demo 1 (32-bit x86): x is passed to plus() by value.
8:    int main()
9:    {
0040D750   push        ebp                      // save the caller's frame pointer
0040D751   mov         ebp,esp                  // new frame: locals below ebp, saved ebp at [ebp], return address at [ebp+4]
0040D753   sub         esp,44h                  // reserve 44h bytes for locals
0040D756   push        ebx                      // ebx/esi/edi are saved here and restored before ret
0040D757   push        esi
0040D758   push        edi
0040D759   lea         edi,[ebp-44h]            // edi = lowest address of the local area
0040D75C   mov         ecx,11h                  // 11h dwords = 44h bytes
0040D761   mov         eax,0CCCCCCCCh           // fill pattern
0040D766   rep stos    dword ptr [edi]          // fill every local with 0CCCCCCCCh (presumably a debug-build aid that makes uninitialized reads stand out)
10:       int x = 1;
0040D768   mov         dword ptr [ebp-4],1      // x lives at [ebp-4]
11:       plus(x);
0040D76F   mov         eax,dword ptr [ebp-4] // only the value of x is loaded
0040D772   push        eax                      // the copy is pushed as the argument; the address of x never leaves main
0040D773   call        @ILT+5(plus) (0040100a)  // NOTE(review): @ILT+5 looks like a linker jump-table entry forwarding to plus - confirm
0040D778   add         esp,4                    // caller removes the 4-byte argument it pushed
12:       printf("%d\n", x);
0040D77B   mov         ecx,dword ptr [ebp-4]    // x is reloaded from main's own slot
0040D77E   push        ecx
0040D77F   push        offset string "%d\n" (0042201c)
0040D784   call        printf (0040d6d0)
0040D789   add         esp,8                    // two 4-byte arguments removed
13:       return 0;
0040D78C   xor         eax,eax                  // return value 0 in eax
14:   }
0040D78E   pop         edi                      // restore saved registers in reverse push order
0040D78F   pop         esi
0040D790   pop         ebx
0040D791   add         esp,44h                  // release the local area
0040D794   cmp         ebp,esp                  // esp equals ebp here only if the stack stayed balanced
0040D796   call        __chkesp (0040d690)      // NOTE(review): looks like a debug runtime check that acts on the comparison above - confirm
0040D79B   mov         esp,ebp
0040D79D   pop         ebp                      // restore the caller's frame pointer
0040D79E   ret
2. 数组作为参数: 引用传递(实际传递的是数组首元素的地址,指针本身仍按值传递)
#include <stdio.h>

void changeArr(int arr[])   // arr is really an int*: only the first element's address arrives, no length
{
    arr[0] = 10;            // writes through the pointer into the caller's array; assumes at least one element exists
}

int main()                  // demo 2: an array argument lets the callee modify the caller's storage
{
    int Arr[] = {1, 2, 3};
    changeArr(Arr);         // Arr decays to &Arr[0]; the callee cannot tell how many elements follow

    for (int i = 0; i < 3; i++)     // bound 3 is hard-coded to match the initializer above
    {
        printf("%d\n", Arr[i]);     // prints 10, 2, 3: element 0 was changed by changeArr
    }

    return 0;
}

// Excerpt of main() from demo 2 (prologue/epilogue not shown): the array is passed as the address of its first element.
10:       int Arr[] = {1, 2, 3};
0040D768   mov         dword ptr [ebp-0Ch],1    // Arr[0] at [ebp-0Ch]
0040D76F   mov         dword ptr [ebp-8],2      // Arr[1] at [ebp-8]
0040D776   mov         dword ptr [ebp-4],3      // Arr[2] at [ebp-4]
11:       changeArr(Arr);
0040D77D   lea         eax,[ebp-0Ch]   // the address is passed: the address of the array's first element
0040D780   push        eax                      // a pointer into main's stack frame is handed to the callee
0040D781   call        @ILT+10(changeArr) (0040100f)
0040D786   add         esp,4                    // only one 4-byte argument (the pointer) was pushed; no length travels with it
12:
13:       for (int i = 0; i < 3; i++)
0040D789   mov         dword ptr [ebp-10h],0    // i lives at [ebp-10h]; i = 0
0040D790   jmp         main+4Bh (0040d79b)      // skip the increment on the first pass, go to the loop test
0040D792   mov         ecx,dword ptr [ebp-10h]  // i++ (three instructions)
0040D795   add         ecx,1
0040D798   mov         dword ptr [ebp-10h],ecx
0040D79B   cmp         dword ptr [ebp-10h],3    // loop test: i < 3
0040D79F   jge         main+68h (0040d7b8)      // signed compare: leave the loop when i >= 3
14:       {
15:           printf("%d\n", Arr[i]);
0040D7A1   mov         edx,dword ptr [ebp-10h]  // edx = i
0040D7A4   mov         eax,dword ptr [ebp+edx*4-0Ch]    // eax = Arr[i] (base ebp-0Ch, 4 bytes per element); no bounds check is emitted, the loop test is the only limit
0040D7A8   push        eax
0040D7A9   push        offset string "%d\n" (0042201c)
0040D7AE   call        printf (0040d6d0)
0040D7B3   add         esp,8
16:       }
0040D7B6   jmp         main+42h (0040d792)      // back to i++
17:
18:       return 0;
3. 取数组的首地址作为参数,反汇编与 2 一模一样
#include <stdio.h>

void changeArr(int *p, int length)  // p: address of the first element; length: element count as stated by the caller (not verified here)
{
    *(p) = 10;                      // unconditional write: assumes p is non-NULL and length >= 1
    for (int i = 0; i < length; i++)
    {
        printf("func: %d\n", *(p + i));     // *(p + i) is p[i]; reads past the array if length exceeds the real element count
    }
}

int main()                      // demo 3: same as demo 2, but the address and the length are passed explicitly
{
    int Arr[] = {1, 2, 3};
    changeArr(&Arr[0], 3);      // 3 must match the real element count; nothing checks it

    for (int i = 0; i < 3; i++)
    {
        printf("main: %d\n", Arr[i]);   // prints 10, 2, 3: the callee's write is visible here
    }

    return 0;
}


// Debugger mixed source/disassembly of changeArr(int *p, int length) from demo 3; the epilogue is not shown in this listing.
1:    #include <stdio.h>
2:
3:    void changeArr(int *p, int length)
4:    {
0040D7D0   push        ebp                      // save the caller's frame pointer
0040D7D1   mov         ebp,esp                  // arguments are now at [ebp+8] (p) and [ebp+0Ch] (length)
0040D7D3   sub         esp,44h                  // reserve 44h bytes for locals
0040D7D6   push        ebx
0040D7D7   push        esi
0040D7D8   push        edi
0040D7D9   lea         edi,[ebp-44h]            // edi = lowest address of the local area
0040D7DC   mov         ecx,11h                  // 11h dwords = 44h bytes
0040D7E1   mov         eax,0CCCCCCCCh           // fill pattern
0040D7E6   rep stos    dword ptr [edi]          // fill every local with 0CCCCCCCCh
5:        *(p) = 10;
0040D7E8   mov         eax,dword ptr [ebp+8] // eax = p: address of the array's first element
0040D7EB   mov         dword ptr [eax],0Ah      // *p = 10, stored into the caller's memory; no NULL or length test precedes it
6:        for (int i = 0; i < length; i++)
0040D7F1   mov         dword ptr [ebp-4],0      // i lives at [ebp-4]; i = 0
0040D7F8   jmp         changeArr+33h (0040d803) // go straight to the loop test
0040D7FA   mov         ecx,dword ptr [ebp-4]    // i++ (three instructions)
0040D7FD   add         ecx,1
0040D800   mov         dword ptr [ebp-4],ecx
0040D803   mov         edx,dword ptr [ebp-4]    // edx = i
0040D806   cmp         edx,dword ptr [ebp+0Ch]  // compare i with the caller-supplied length
0040D809   jge         changeArr+54h (0040d824) // signed compare: leave the loop when i >= length
7:        {
8:            printf("func: %d\n", *(p + i));
0040D80B   mov         eax,dword ptr [ebp-4]      // eax = index i
0040D80E   mov         ecx,dword ptr [ebp+8]      // ecx = p (address of the first element)
0040D811   mov         edx,dword ptr [ecx+eax*4]  // scale 4: p + 1 advances 4 bytes (sizeof int); the read is bounded only by length
0040D814   push        edx
0040D815   push        offset string "func: %d\n" (00422f9c)
0040D81A   call        printf (0040d6d0)          // value passed to printf
0040D81F   add         esp,8
9:        }
0040D822   jmp         changeArr+2Ah (0040d7fa) // back to i++
10:   }


// Debugger mixed source/disassembly of main() from demo 3: passes &Arr[0] and an explicit length to changeArr.
12:   int main()
13:   {
0040D750   push        ebp                      // save the caller's frame pointer
0040D751   mov         ebp,esp                  // new frame: locals below ebp, saved ebp at [ebp], return address at [ebp+4]
0040D753   sub         esp,50h                  // reserve 50h bytes for locals
0040D756   push        ebx
0040D757   push        esi
0040D758   push        edi
0040D759   lea         edi,[ebp-50h]            // edi = lowest address of the local area
0040D75C   mov         ecx,14h                  // 14h dwords = 50h bytes
0040D761   mov         eax,0CCCCCCCCh           // fill pattern
0040D766   rep stos    dword ptr [edi]          // fill every local with 0CCCCCCCCh
14:       int Arr[] = {1, 2, 3};
0040D768   mov         dword ptr [ebp-0Ch],1    // Arr[0] at [ebp-0Ch]
0040D76F   mov         dword ptr [ebp-8],2      // Arr[1] at [ebp-8]
0040D776   mov         dword ptr [ebp-4],3      // Arr[2] at [ebp-4]; the array ends directly below the saved ebp at [ebp]
15:       changeArr(&Arr[0], 3);
0040D77D   push        3              // pass the argument: length 3 (pushed first, it is the last C argument)
0040D77F   lea         eax,[ebp-0Ch]  // pass the address of Arr[0]
0040D782   push        eax                      // the callee receives a pointer into this stack frame; the length above is its only bound
0040D783   call        @ILT+15(changeArr) (00401014)
0040D788   add         esp,8                    // caller removes both 4-byte arguments
16:
17:       for (int i = 0; i < 3; i++)
0040D78B   mov         dword ptr [ebp-10h],0    // i lives at [ebp-10h]; i = 0
0040D792   jmp         main+4Dh (0040d79d)      // go straight to the loop test
0040D794   mov         ecx,dword ptr [ebp-10h]  // i++ (three instructions)
0040D797   add         ecx,1
0040D79A   mov         dword ptr [ebp-10h],ecx
0040D79D   cmp         dword ptr [ebp-10h],3    // loop test: i < 3
0040D7A1   jge         main+6Ah (0040d7ba)      // signed compare: leave the loop when i >= 3
18:       {
19:           printf("main: %d\n", Arr[i]);
0040D7A3   mov         edx,dword ptr [ebp-10h]  // edx = i
0040D7A6   mov         eax,dword ptr [ebp+edx*4-0Ch]    // eax = Arr[i] (base ebp-0Ch, 4 bytes per element)
0040D7AA   push        eax
0040D7AB   push        offset string "main: %d\n" (00422fa8)
0040D7B0   call        printf (0040d6d0)
0040D7B5   add         esp,8
20:       }
0040D7B8   jmp         main+44h (0040d794)      // back to i++
21:
22:       return 0;
0040D7BA   xor         eax,eax                  // return value 0 in eax
23:   }
0040D7BC   pop         edi                      // restore saved registers in reverse push order
0040D7BD   pop         esi
0040D7BE   pop         ebx
0040D7BF   add         esp,50h                  // release the local area
0040D7C2   cmp         ebp,esp                  // esp equals ebp here only if the stack stayed balanced
0040D7C4   call        __chkesp (0040d690)      // NOTE(review): looks like a debug runtime check that acts on the comparison above - confirm
0040D7C9   mov         esp,ebp
0040D7CB   pop         ebp                      // restore the caller's frame pointer
0040D7CC   ret