逆向-beginners之乘法(非乘法运算指令配合位移指令实现)
#include
int f1(int a)
{
return a * 7;
}
int f2(int a)
{
return a * 28;
}
int f3(int a)
{
return a * 17;
}
void main()
{}
#if 0
*7,*17,乘法运算仍然可以用非乘法运算指令配合位移指令实现。
ecx = a
eax = ecx * 8
eax = eax - ecx = ecx * 8 - ecx = ecx * 7 = a * 7
eax = eax << 2 = (a * 7) * 4 = a * 28
eax = a
eax = eax << 4 = eax * 16 = a * 16
eax = eax + a = a * 16 + a = a * 17
/*
* arm
*/
r0 = r0 << 3 - r0 = r0 * 8 - r0 = a * 8 - a = a * 7
r0 = r0 << 2 = r0 * 4 = a * 7 * 4 = a * 28
r0 = r0 + r0 << 4 = r0 + r0 * 16 = r0 * 17 = a * 17
r1 = r0 << 3 = a << 3 = a * 8
r0 = r1 - r0 = a * 8 - a = a * 7
r1 = 28
r0 = r1 * r0 = 28 * a
r1 = r0 << 4 = r0 * 16 = a * 16
r0 = r0 + r1 = a + a * 16 = a * 17
#endif
#if 0
/*
* intel
*/
0000000000001129
1129: f3 0f 1e fa endbr64
112d: 55 push %rbp
112e: 48 89 e5 mov %rsp,%rbp
1131: 89 7d fc mov %edi,-0x4(%rbp)
1134: 8b 55 fc mov -0x4(%rbp),%edx
1137: 89 d0 mov %edx,%eax
1139: c1 e0 03 shl $0x3,%eax
113c: 29 d0 sub %edx,%eax
113e: 5d pop %rbp
113f: c3 retq
0000000000001140
1140: f3 0f 1e fa endbr64
1144: 55 push %rbp
1145: 48 89 e5 mov %rsp,%rbp
1148: 89 7d fc mov %edi,-0x4(%rbp)
114b: 8b 45 fc mov -0x4(%rbp),%eax
114e: 6b c0 1c imul $0x1c,%eax,%eax
1151: 5d pop %rbp
1152: c3 retq
0000000000001153
1153: f3 0f 1e fa endbr64
1157: 55 push %rbp
1158: 48 89 e5 mov %rsp,%rbp
115b: 89 7d fc mov %edi,-0x4(%rbp)
115e: 8b 55 fc mov -0x4(%rbp),%edx
1161: 89 d0 mov %edx,%eax
1163: c1 e0 04 shl $0x4,%eax
1166: 01 d0 add %edx,%eax
1168: 5d pop %rbp
1169: c3 retq
000000000000116a
116a: f3 0f 1e fa endbr64
116e: 55 push %rbp
116f: 48 89 e5 mov %rsp,%rbp
1172: 90 nop
1173: 5d pop %rbp
1174: c3 retq
1175: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
117c: 00 00 00
117f: 90 nop
/*
* arm
*/
000000000040051c
40051c: d10043ff sub sp, sp, #0x10
400520: b9000fe0 str w0, [sp, #12]
400524: b9400fe1 ldr w1, [sp, #12]
400528: 2a0103e0 mov w0, w1
40052c: 531d7000 lsl w0, w0, #3
400530: 4b010000 sub w0, w0, w1
400534: 910043ff add sp, sp, #0x10
400538: d65f03c0 ret
000000000040053c
40053c: d10043ff sub sp, sp, #0x10
400540: b9000fe0 str w0, [sp, #12]
400544: b9400fe1 ldr w1, [sp, #12]
400548: 2a0103e0 mov w0, w1
40054c: 531d7000 lsl w0, w0, #3
400550: 4b010000 sub w0, w0, w1
400554: 531e7400 lsl w0, w0, #2
400558: 910043ff add sp, sp, #0x10
40055c: d65f03c0 ret
0000000000400560
400560: d10043ff sub sp, sp, #0x10
400564: b9000fe0 str w0, [sp, #12]
400568: b9400fe1 ldr w1, [sp, #12]
40056c: 2a0103e0 mov w0, w1
400570: 531c6c00 lsl w0, w0, #4
400574: 0b010000 add w0, w0, w1
400578: 910043ff add sp, sp, #0x10
40057c: d65f03c0 ret
0000000000400580
400580: d503201f nop
400584: d65f03c0 ret
#endif