Day 6 analysis - HobbyOSs/opennask GitHub Wiki
- Implementing this gets the mouse working

Picking up only the new instructions:

- `naskfunc.nas` (`harib03e`)
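```
_asm_inthandler21:
        PUSH    ES              ; save segment registers
        PUSH    DS
        PUSHAD                  ; save all general-purpose registers
        MOV     EAX,ESP
        PUSH    EAX             ; pass the saved ESP as the argument to the C handler
        MOV     AX,SS
        MOV     DS,AX           ; make DS and ES match SS for the C code
        MOV     ES,AX
        CALL    _inthandler21   ; EXTERN symbol, resolved through a relocation
        POP     EAX             ; drop the argument
        POPAD
        POP     DS
        POP     ES
        IRETD                   ; return from the interrupt

; Same stub as above, calling _inthandler27
_asm_inthandler27:
        PUSH    ES
        PUSH    DS
        PUSHAD
        MOV     EAX,ESP
        PUSH    EAX
        MOV     AX,SS
        MOV     DS,AX
        MOV     ES,AX
        CALL    _inthandler27
        POP     EAX
        POPAD
        POP     DS
        POP     ES
        IRETD

; Same stub as above, calling _inthandler2c
_asm_inthandler2c:
        PUSH    ES
        PUSH    DS
        PUSHAD
        MOV     EAX,ESP
        PUSH    EAX
        MOV     AX,SS
        MOV     DS,AX
        MOV     ES,AX
        CALL    _inthandler2c
        POP     EAX
        POPAD
        POP     DS
        POP     ES
        IRETD
```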
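COFF object file

The symbol table entries for `EXTERN` declarations and those for `GLOBAL` declarations appear to differ.

```
GLOBAL _asm_inthandler21, _asm_inthandler27, _asm_inthandler2c
EXTERN _inthandler21, _inthandler27, _inthandler2c
```

A mysterious run of binary appears before the section table => 30 bytes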
- Comparison by number of symbol names
  - (3) `EXTERN _inthandler21, _inthandler27, _inthandler2c`
  - (2) `EXTERN _inthandler21, _inthandler27`
  - (1) `EXTERN _inthandler21`

```
(3) 7d 00 00 00 08 00 00 00 14 00 94 00 00 00 09 00 00 00 14 00 ab 00 00 00 0a 00 00 00 14 00
(2) 7d 00 00 00 08 00 00 00 14 00 94 00 00 00 09 00 00 00 14 00
(1) 7d 00 00 00 08 00 00 00 14 00
```
So these bytes are the entries described in 5.2. COFF Relocations (Object Only).

- COFF Relocation
  - VirtualAddress: 4 bytes
  - SymbolTableIndex: 4 bytes
  - Type: 2 bytes, always IMAGE_REL_I386_REL32 (0x1400)

5.2.1. Type Indicators
The 32-bit relative displacement to the
target. This supports the x86 relative branch
and call instructions.
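
The 10-byte relocation layout worked out above, decoded from the page's own three hex dumps, as an added example (not code from opennask or from the original page). Read little-endian, the type bytes `14 00` are 0x0014, the PE/COFF value of IMAGE_REL_I386_REL32. The `section_size`, `symbol_count` and target addresses are constructed values, and `rel32_value` assumes the patch site and the target share one base address.

```python
import struct
from collections import namedtuple

# PE/COFF value; stored little-endian, so it shows up as "14 00" in the dump.
IMAGE_REL_I386_REL32 = 0x0014
RELOC_SIZE = 10  # VirtualAddress (4) + SymbolTableIndex (4) + Type (2)
Reloc = namedtuple("Reloc", "virtual_address symbol_table_index type")

def parse_relocations(blob):
    """Decode a raw COFF relocation table into Reloc records."""
    if len(blob) % RELOC_SIZE:
        raise ValueError("truncated relocation table: %d bytes" % len(blob))
    return [Reloc(*fields) for fields in struct.iter_unpack("<IIH", blob)]

def check_relocations(relocs, section_size, symbol_count):
    """Reject records that could not be applied safely to the section."""
    for r in relocs:
        if r.type != IMAGE_REL_I386_REL32:
            raise ValueError("unexpected relocation type 0x%04x" % r.type)
        if r.virtual_address + 4 > section_size:
            raise ValueError("patch site 0x%x outside section" % r.virtual_address)
        if r.symbol_table_index >= symbol_count:
            raise ValueError("symbol index %d out of range" % r.symbol_table_index)
    return True

def rel32_value(reloc, target, addend=0):
    """32-bit displacement stored at the patch site for REL32: the target
    relative to the byte that follows the 4-byte field."""
    return (target + addend - (reloc.virtual_address + 4)) & 0xFFFFFFFF

# The three dumps from the page, keyed by the number of EXTERN symbols.
DUMPS = {
    1: "7d 00 00 00 08 00 00 00 14 00",
    2: "7d 00 00 00 08 00 00 00 14 00 94 00 00 00 09 00 00 00 14 00",
    3: "7d 00 00 00 08 00 00 00 14 00 94 00 00 00 09 00 00 00 14 00 "
       "ab 00 00 00 0a 00 00 00 14 00",
}

if __name__ == "__main__":
    for n, dump in DUMPS.items():
        relocs = parse_relocations(bytes.fromhex(dump))
        # section_size and symbol_count are constructed, not taken from the page.
        check_relocations(relocs, section_size=0x100, symbol_count=16)
        for r in relocs:
            print(n, "VA=0x%02x sym=%d type=0x%04x" % r)
```

Each record's VirtualAddress is 0x17 bytes after the previous one (0x7d, 0x94, 0xab), one patch site per `CALL` in the three handler stubs.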