Title: Choosing between ANSI and UNICODE!
sll0807
Let's look at the Hello World example!~~
Program code:
.386
.Model Flat, StdCall
Option Casemap :None

Include        Windows.inc
Include        User32.inc
Include        Kernel32.inc

Include        /MASMPlus/macros/Strings.mac

IncludeLib    User32.lib
IncludeLib    Kernel32.lib

.Code

Start Proc

    invoke    MessageBoxW,NULL,$CTW0("AAAAW"),0,0    
    ret
    
Start EndP

End Start

Let's start with the UNICODE function!~

Below is the OD trace of the MessageBoxW call

Program code:
MessageBoxW:

00401000 >  6A 00           push    0                    ; uType
00401002    6A 00           push    0                    ; lpCaption
00401004    68 08204000     push    00402008                ; lpText  UNICODE "AAAAW"
00401009    6A 00           push    0                    ; hWnd
0040100B    E8 02000000     call    <jmp.&user32.MessageBoxW>        ; step into this CALL
00401010    C3              retn

00401011    CC              int3
00401012  - FF25 00204000   jmp     dword ptr [<&user32.MessageBoxW>>; user32.MessageBoxW ; jumps there

MessageBoxW function

77D6630A >/$  8BFF          mov     edi, edi
----------------------------------------------------------------------------------------------------
77D6630C  |.  55            push    ebp
77D6630D  |.  8BEC          mov     ebp, esp                ; set up the stack frame
----------------------------------------------------------------------------------------------------
77D6630F  |.  833D BC04D777>cmp     dword ptr [77D704BC], 0        ; global variable, initially 0
77D66316  |.  74 24         je      short 77D6633C            ; jump to 77D6633C
77D66318  |.  64:A1 1800000>mov     eax, dword ptr fs:[18]
77D6631E  |.  6A 00         push    0
77D66320  |.  FF70 24       push    dword ptr [eax+24]
77D66323  |.  68 240BD777   push    77D70B24
77D66328  |.  FF15 C812D177 call    dword ptr [<&KERNEL32.Interlocke>;  kernel32.InterlockedCompareExchange
77D6632E  |.  85C0          test    eax, eax
77D66330  |.  75 0A         jnz     short 77D6633C
77D66332  |.  C705 200BD777>mov     dword ptr [77D70B20], 1
----------------------------------------------------------------------------------------------------
77D6633C  |>  6A 00         push    0                    ; /wLanguageId 
77D6633E  |.  FF75 14       push    dword ptr [ebp+14]            ; |uType
77D66341  |.  FF75 10       push    dword ptr [ebp+10]            ; |lpCaption
77D66344  |.  FF75 0C       push    dword ptr [ebp+C]            ; |lpText
77D66347  |.  FF75 08       push    dword ptr [ebp+8]            ; |hWnd
77D6634A  |.  E8 89A2FEFF   call    MessageBoxExW            ; internally calls MessageBoxExW; step into this CALL
----------------------------------------------------------------------------------------------------
77D6634F  |.  5D            pop     ebp
77D66350  \.  C2 1000       retn    10

MessageBoxExW function

77D505D8 >/$  8BFF          mov     edi, edi
----------------------------------------------------------------------------------------------------
77D505DA  |.  55            push    ebp
77D505DB  |.  8BEC          mov     ebp, esp
----------------------------------------------------------------------------------------------------
77D505DD  |.  6A FF         push    -1                    ; dwMilliseconds
77D505DF  |.  FF75 18       push    dword ptr [ebp+18]            ; wLanguageId
77D505E2  |.  FF75 14       push    dword ptr [ebp+14]            ; uType
77D505E5  |.  FF75 10       push    dword ptr [ebp+10]            ; lpCaption
77D505E8  |.  FF75 0C       push    dword ptr [ebp+C]            ; lpText
77D505EB  |.  FF75 08       push    dword ptr [ebp+8]            ; hWnd
77D505EE  |.  E8 665B0100   call    MessageBoxTimeoutW            ; internally calls MessageBoxTimeoutW; step into this CALL
----------------------------------------------------------------------------------------------------
77D505F3  |.  5D            pop     ebp
77D505F4  \.  C2 1400       retn    14

MessageBoxTimeoutW function (undocumented)

77D66159 >/$  8BFF          mov     edi, edi
----------------------------------------------------------------------------------------------------
77D6615B  |.  55            push    ebp
77D6615C  |.  8BEC          mov     ebp, esp
77D6615E  |.  83EC 4C       sub     esp, 4C                ; stack frame; 76 bytes of local variables in total
----------------------------------------------------------------------------------------------------
77D66161  |.  57            push    edi                    ; save EDI
----------------------------------------------------------------------------------------------------
77D66162  |.  33C0          xor     eax, eax                ; eax == 0
77D66164  |.  6A 13         push    13
77D66166  |.  59            pop     ecx                    ; ecx == 13h
77D66167  |.  8D7D B4       lea     edi, dword ptr [ebp-4C]
77D6616A  |.  F3:AB         rep     stos dword ptr es:[edi]        ; zero-fill the region EDI points to: 13h*4 bytes = 76 bytes
                                    ; i.e. initialize all local variables to 0
----------------------------------------------------------------------------------------------------
77D6616C  |.  8B45 08       mov     eax, dword ptr [ebp+8]
77D6616F  |.  8945 B8       mov     dword ptr [ebp-48], eax        ; hWnd -> dword ptr [ebp-48]
----------------------------------------------------------------------------------------------------
77D66172  |.  8B45 0C       mov     eax, dword ptr [ebp+C]
77D66175  |.  8945 C0       mov     dword ptr [ebp-40], eax        ; lpText -> dword ptr [ebp-40]
----------------------------------------------------------------------------------------------------
77D66178  |.  8B45 10       mov     eax, dword ptr [ebp+10]
77D6617B  |.  8945 C4       mov     dword ptr [ebp-3C], eax        ; lpCaption -> dword ptr [ebp-3C]
----------------------------------------------------------------------------------------------------
77D6617E  |.  8B45 14       mov     eax, dword ptr [ebp+14]
77D66181  |.  8945 C8       mov     dword ptr [ebp-38], eax        ; uType -> dword ptr [ebp-38]
----------------------------------------------------------------------------------------------------
77D66184  |.  66:8B45 18    mov     ax, word ptr [ebp+18]        ; wLanguageId -> ax
----------------------------------------------------------------------------------------------------
77D66188  |.  33C9          xor     ecx, ecx                ; clear ecx
----------------------------------------------------------------------------------------------------
77D6618A  |.  390D BC04D777 cmp     dword ptr [77D704BC], ecx        ; dword ptr [77D704BC] is a global variable, initially 0
----------------------------------------------------------------------------------------------------
77D66190  |.  66:8945 E0    mov     word ptr [ebp-20], ax        ; wLanguageId -> word ptr [ebp-20]
----------------------------------------------------------------------------------------------------
77D66194  |.  8B45 1C       mov     eax, dword ptr [ebp+1C]        ; dwMilliseconds -> eax
----------------------------------------------------------------------------------------------------
77D66197  |.  C745 B4 28000>mov     dword ptr [ebp-4C], 28        ; dword ptr [ebp-4C] set to 28h
----------------------------------------------------------------------------------------------------
77D6619E  |.  894D BC       mov     dword ptr [ebp-44], ecx        ; dword ptr [ebp-44] set to 0
----------------------------------------------------------------------------------------------------
77D661A1  |.  8945 F8       mov     dword ptr [ebp-8], eax        ; dwMilliseconds -> dword ptr [ebp-8]

This just fills in the local variables. From the above we can see that
the local variables total 4Ch (76 bytes), laid out as follows:

dword ptr [ebp-4C] == 28h        4
dword ptr [ebp-48] == hWnd        4
dword ptr [ebp-44] == 0            4
dword ptr [ebp-40] == lpText        4
dword ptr [ebp-3C] == lpCaption        4
dword ptr [ebp-38] == uType        4
word ptr  [ebp-20] == wLanguageId    2
dword ptr [ebp-8]  == dwMilliseconds    4

1Eh (30) bytes in total
----------------------------------------------------------------------------------------------------
77D661A4  |.  5F            pop     edi
----------------------------------------------------------------------------------------------------
77D661A5  |.  74 23         je      short 77D661CA            ; jumps to 77D661CA
----------------------------------------------------------------------------------------------------
77D661A7  |.  64:A1 1800000>mov     eax, dword ptr fs:[18]
77D661AD  |.  51            push    ecx
77D661AE  |.  FF70 24       push    dword ptr [eax+24]
77D661B1  |.  68 240BD777   push    77D70B24
77D661B6  |.  FF15 C812D177 call    dword ptr [<&KERNEL32.Interlocke>;  kernel32.InterlockedCompareExchange
77D661BC  |.  85C0          test    eax, eax
77D661BE  |.  75 0A         jnz     short 77D661CA
77D661C0  |.  C705 200BD777>mov     dword ptr [77D70B20], 1
----------------------------------------------------------------------------------------------------
77D661CA  |>  8D45 B4       lea     eax, dword ptr [ebp-4C]        ; the jump lands here
77D661CD  |.  50            push    eax
77D661CE  |.  E8 3C3FFDFF   call    77D3A10F                ; MessageBoxWorker, one argument; step into this CALL
----------------------------------------------------------------------------------------------------
77D661D3  |.  C9            leave
77D661D4  \.  C2 1800       retn    18

MessageBoxWorker function

77D3A10F   $  8BFF          mov     edi, edi                         ;  ntdll.7C930228
77D3A111   .  55            push    ebp
77D3A112   .  8BEC          mov     ebp, esp
77D3A114   .  81EC 38010000 sub     esp, 138
77D3A11A   .  A1 B801D777   mov     eax, dword ptr [77D701B8]
77D3A11F   .  53            push    ebx
77D3A120   .  56            push    esi
77D3A121   .  8B75 08       mov     esi, dword ptr [ebp+8]
77D3A124   .  33DB          xor     ebx, ebx
77D3A126   .  395E 44       cmp     dword ptr [esi+44], ebx
77D3A129   .  57            push    edi
77D3A12A   .  8B7E 14       mov     edi, dword ptr [esi+14]
77D3A12D   .  8945 FC       mov     dword ptr [ebp-4], eax
77D3A130   .  899D ECFEFFFF mov     dword ptr [ebp-114], ebx
77D3A136   .  75 04         jnz     short 77D3A13C
77D3A138   .  834E 44 FF    or      dword ptr [esi+44], FFFFFFFF
77D3A13C   >  391D BC04D777 cmp     dword ptr [77D704BC], ebx
77D3A142   .  0F85 E9ED0000 jnz     77D48F31
77D3A148   >  391D D807D777 cmp     dword ptr [77D707D8], ebx
77D3A14E   .  0F85 E8ED0000 jnz     77D48F3C
77D3A154   .  395E 10       cmp     dword ptr [esi+10], ebx
77D3A157   .  0F84 2FEE0000 je      77D48F8C
77D3A15D   >  F7C7 00000400 test    edi, 40000
77D3A163   .  0F85 82EE0000 jnz     77D48FEB
77D3A169   >  F7C7 00002200 test    edi, 220000
77D3A16F   .  0F85 9FEE0000 jnz     77D49014
77D3A175   .  8B46 04       mov     eax, dword ptr [esi+4]
77D3A178   .  85C0          test    eax, eax
77D3A17A   .  74 0E         je      short 77D3A18A
77D3A17C   .  50            push    eax                              ; /hWnd
77D3A17D   .  E8 B117FEFF   call    IsWindow                         ; \IsWindow
77D3A182   .  85C0          test    eax, eax
77D3A184   .  0F84 AEEE0000 je      77D49038
77D3A18A   >  8BC7          mov     eax, edi
77D3A18C   .  83E0 0F       and     eax, 0F
77D3A18F   .  83F8 06       cmp     eax, 6
77D3A192   .  8985 E8FEFFFF mov     dword ptr [ebp-118], eax
77D3A198   .  0F87 A1EE0000 ja      77D4903F
77D3A19E   .  0FB698 D820D1>movzx   ebx, byte ptr [eax+77D120D8]
77D3A1A5   .  8BCF          mov     ecx, edi
77D3A1A7   .  C1E9 0E       shr     ecx, 0E
77D3A1AA   .  83E1 01       and     ecx, 1
77D3A1AD   .  C1EF 08       shr     edi, 8
77D3A1B0   .  83E7 0F       and     edi, 0F
77D3A1B3   .  03D9          add     ebx, ecx
77D3A1B5   .  3BFB          cmp     edi, ebx
77D3A1B7   .  89BD F4FEFFFF mov     dword ptr [ebp-10C], edi
77D3A1BD   .  0F83 8DEE0000 jnb     77D49050
77D3A1C3   >  83A5 F8FEFFFF>and     dword ptr [ebp-108], 0
77D3A1CA   .  85DB          test    ebx, ebx
77D3A1CC   .  0FB680 E020D1>movzx   eax, byte ptr [eax+77D120E0]
77D3A1D3   .  76 6F         jbe     short 77D3A244
77D3A1D5   .  8D0485 E820D1>lea     eax, dword ptr [eax*4+77D120E8]
77D3A1DC   .  8985 F0FEFFFF mov     dword ptr [ebp-110], eax
77D3A1E2   >  8B00          mov     eax, dword ptr [eax]
77D3A1E4   .  8B0D 8000D777 mov     ecx, dword ptr [77D70080]
77D3A1EA   .  8D0480        lea     eax, dword ptr [eax+eax*4]
77D3A1ED   .  8DBCC1 000200>lea     edi, dword ptr [ecx+eax*8+200]
77D3A1F4   .  66:8B46 2C    mov     ax, word ptr [esi+2C]
77D3A1F8   .  66:85C0       test    ax, ax
77D3A1FB   .  0F85 5BEE0000 jnz     77D4905C
77D3A201   .  8B85 F8FEFFFF mov     eax, dword ptr [ebp-108]
77D3A207   .  89BC85 D8FEFF>mov     dword ptr [ebp+eax*4-128], edi
77D3A20E   >  8B7F 20       mov     edi, dword ptr [edi+20]
77D3A211   .  83FF 02       cmp     edi, 2
77D3A214   .  8B85 F8FEFFFF mov     eax, dword ptr [ebp-108]
77D3A21A   .  89BC85 C8FEFF>mov     dword ptr [ebp+eax*4-138], edi
77D3A221   .  0F84 78EE0000 je      77D4909F
77D3A227   >  8B85 F0FEFFFF mov     eax, dword ptr [ebp-110]
77D3A22D   .  FF85 F8FEFFFF inc     dword ptr [ebp-108]
77D3A233   .  83C0 04       add     eax, 4
77D3A236   .  399D F8FEFFFF cmp     dword ptr [ebp-108], ebx
77D3A23C   .  8985 F0FEFFFF mov     dword ptr [ebp-110], eax
77D3A242   .^ 72 9E         jb      short 77D3A1E2
77D3A244   >  6A 00         push    0
77D3A246   .  6A 01         push    1
77D3A248   .  E8 7B0B0000   call    77D3ADC8
77D3A24D   .  83BD E8FEFFFF>cmp     dword ptr [ebp-118], 0
77D3A254   .  8D85 C8FEFFFF lea     eax, dword ptr [ebp-138]
77D3A25A   .  8946 30       mov     dword ptr [esi+30], eax
77D3A25D   .  8D85 D8FEFFFF lea     eax, dword ptr [ebp-128]
77D3A263   .  8946 34       mov     dword ptr [esi+34], eax
77D3A266   .  8B85 F4FEFFFF mov     eax, dword ptr [ebp-10C]
77D3A26C   .  8946 3C       mov     dword ptr [esi+3C], eax
77D3A26F   .  895E 38       mov     dword ptr [esi+38], ebx
77D3A272   .  0F85 36EE0000 jnz     77D490AE
77D3A278   .  33C0          xor     eax, eax
77D3A27A   .  40            inc     eax
77D3A27B   >  56            push    esi
77D3A27C   .  8946 40       mov     dword ptr [esi+40], eax
77D3A27F   .  E8 23000000   call    SoftModalMessageBox            ; the dialog is displayed at this point; I won't trace any further, dig in yourself if you like
77D3A284   .  66:837E 2C 00 cmp     word ptr [esi+2C], 0
77D3A289   .  8BF8          mov     edi, eax
77D3A28B   .  0F85 2FEE0000 jnz     77D490C0
77D3A291   >  8BC7          mov     eax, edi
77D3A293   >  8B4D FC       mov     ecx, dword ptr [ebp-4]
77D3A296   .  5F            pop     edi
77D3A297   .  5E            pop     esi
77D3A298   .  5B            pop     ebx
77D3A299   .  E8 D6E3FDFF   call    77D18674
77D3A29E   .  C9            leave
77D3A29F   .  C2 0400       retn    4


The MessageBoxW call sequence is

MessageBoxW -> MessageBoxExW -> MessageBoxTimeoutW 

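From the analysis above we can see that calling MessageBoxTimeoutW directly skips a lot of unnecessary steps.
This function is exported by USER32.

MessageBoxTimeoutW is declared as follows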

MessageBoxTimeoutW PROTO hWnd:DWORD,lpText:DWORD,lpCaption:DWORD,uType:DWORD,wLanguageId:WORD,dwMilliseconds:DWORD

wLanguageId is 0
dwMilliseconds is -1

It is called like this:

invoke    MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,-1

OK, now let's go on to the MessageBoxA function

Program code:
.386
.Model Flat, StdCall
Option Casemap :None

Include        Windows.inc
Include        User32.inc
Include        Kernel32.inc

Include        /MASMPlus/macros/Strings.mac

IncludeLib    User32.lib
IncludeLib    Kernel32.lib

.Code

Start Proc

    invoke    MessageBoxA,NULL,$CTA0("AAAAW"),0,0
    ret
    
Start EndP

End Start

The OD trace is as follows

Program code:
00401000 >  6A 00           push    0
00401002    6A 00           push    0
00401004    68 08204000     push    00402008                ; ASCII "AAAAW"
00401009    6A 00           push    0
0040100B    E8 02000000     call    <jmp.&user32.MessageBoxA>        ; step into this call
00401010    C3              retn

00401011    CC              int3
00401012  - FF25 00204000   jmp     dword ptr [<&user32.MessageBoxA>>; user32.MessageBoxA, jumps to the MessageBoxA function

MessageBoxA function

77D5058A >  8BFF            mov     edi, edi
----------------------------------------------------------------------------------------------------
77D5058C    55              push    ebp
77D5058D    8BEC            mov     ebp, esp                ; stack frame
----------------------------------------------------------------------------------------------------
77D5058F    833D BC04D777 0>cmp     dword ptr [77D704BC], 0
77D50596    74 24           je      short 77D505BC
77D50598    64:A1 18000000  mov     eax, dword ptr fs:[18]
77D5059E    6A 00           push    0
77D505A0    FF70 24         push    dword ptr [eax+24]
77D505A3    68 240BD777     push    77D70B24
77D505A8    FF15 C812D177   call    dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D505AE    85C0            test    eax, eax
77D505B0    75 0A           jnz     short 77D505BC
77D505B2    C705 200BD777 0>mov     dword ptr [77D70B20], 1
----------------------------------------------------------------------------------------------------
77D505BC    6A 00           push    0                    ; wLanguageId; the jump lands here, same as MessageBoxW
77D505BE    FF75 14         push    dword ptr [ebp+14]            ; uType
77D505C1    FF75 10         push    dword ptr [ebp+10]            ; lpCaption 
77D505C4    FF75 0C         push    dword ptr [ebp+C]            ; lpText
77D505C7    FF75 08         push    dword ptr [ebp+8]            ; hWnd
77D505CA    E8 2D000000     call    MessageBoxExA            ; internally calls MessageBoxExA; step into this CALL
----------------------------------------------------------------------------------------------------
77D505CF    5D              pop     ebp
77D505D0    C2 1000         retn    10

MessageBoxExA function


77D505FC >  8BFF            mov     edi, edi
77D505FE    55              push    ebp
77D505FF    8BEC            mov     ebp, esp                ; nothing more to say, it's all the same; see below
----------------------------------------------------------------------------------------------------
77D50601    6A FF           push    -1                    ; dwMilliseconds
77D50603    FF75 18         push    dword ptr [ebp+18]            ; wLanguageId
77D50606    FF75 14         push    dword ptr [ebp+14]            ; uType
77D50609    FF75 10         push    dword ptr [ebp+10]            ; lpCaption
77D5060C    FF75 0C         push    dword ptr [ebp+C]            ; lpText
77D5060F    FF75 08         push    dword ptr [ebp+8]            ; hWnd
77D50612    E8 C55B0100     call    MessageBoxTimeoutA            ; internally calls MessageBoxTimeoutA; step into this CALL
----------------------------------------------------------------------------------------------------
77D50617    5D              pop     ebp
77D50618    C2 1400         retn    14

MessageBoxTimeoutA function: once you've read this, everything becomes clear

77D661DC >  8BFF            mov     edi, edi
----------------------------------------------------------------------------------------------------
77D661DE    55              push    ebp
77D661DF    8BEC            mov     ebp, esp                ; stack frame
----------------------------------------------------------------------------------------------------
77D661E1    51              push    ecx
77D661E2    51              push    ecx
77D661E3    53              push    ebx
77D661E4    56              push    esi                    ; save registers
----------------------------------------------------------------------------------------------------
77D661E5    33DB            xor     ebx, ebx                ; clear ebx
----------------------------------------------------------------------------------------------------
77D661E7    57              push    edi                    ; save edi
77D661E8    33FF            xor     edi, edi                ; clear it
----------------------------------------------------------------------------------------------------
77D661EA    43              inc     ebx                    ; ebx == 1
----------------------------------------------------------------------------------------------------
77D661EB    83CE FF         or      esi, FFFFFFFF            ; set esi to 0FFFFFFFFh (-1)
----------------------------------------------------------------------------------------------------
77D661EE    397D 0C         cmp     dword ptr [ebp+C], edi        ; cmp lpText,0
77D661F1    897D FC         mov     dword ptr [ebp-4], edi        ; dword ptr [ebp-4] set to 0
77D661F4    897D F8         mov     dword ptr [ebp-8], edi        ; dword ptr [ebp-8] set to 0
----------------------------------------------------------------------------------------------------
77D661F7    74 14           je      short 77D6620D            ; if the dialog text is 0, jump to 77D6620D; our example has text
----------------------------------------------------------------------------------------------------
77D661F9    53              push    ebx                    ; ebx == 1
77D661FA    56              push    esi                    ; esi == 0FFFFFFFFh(-1)
77D661FB    8D45 FC         lea     eax, dword ptr [ebp-4]        ; 
77D661FE    50              push    eax                    ; 
77D661FF    56              push    esi                    ; esi == 0FFFFFFFFh(-1)
77D66200    FF75 0C         push    dword ptr [ebp+C]            ; lpText
77D66203    57              push    edi                    ; edi == 0
77D66204    E8 A44BFBFF     call    MBToWCSEx                ; step into the call and see for yourself: ANSI to UNICODE conversion
----------------------------------------------------------------------------------------------------

The MessageBoxA call sequence is

MessageBoxA -> MessageBoxExA -> MessageBoxTimeoutA ->  MBToWCSEx -> MessageBoxTimeoutW

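; I won't explain the rest below, read it yourself; it's already clear at this point
 MessageBoxA really just converts ANSI to UNICODE and then calls MessageBoxTimeoutW
 So whether to use ANSI or UNICODE in actual programming should be clear to everyone now, heh!~~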

77D66209    85C0            test    eax, eax
77D6620B    74 29           je      short 77D66236
77D6620D    397D 10         cmp     dword ptr [ebp+10], edi
77D66210    74 28           je      short 77D6623A
77D66212    53              push    ebx
77D66213    56              push    esi
77D66214    8D45 F8         lea     eax, dword ptr [ebp-8]
77D66217    50              push    eax
77D66218    56              push    esi
77D66219    FF75 10         push    dword ptr [ebp+10]
77D6621C    57              push    edi
77D6621D    E8 8B4BFBFF     call    MBToWCSEx
77D66222    85C0            test    eax, eax
77D66224    75 14           jnz     short 77D6623A
77D66226    FF75 FC         push    dword ptr [ebp-4]
77D66229    57              push    edi
77D6622A    FF35 2402D777   push    dword ptr [77D70224]
77D66230    FF15 A413D177   call    dword ptr [<&KERNEL32.HeapFree>] ; ntdll.RtlFreeHeap
77D66236    33C0            xor     eax, eax
77D66238    EB 65           jmp     short 77D6629F
77D6623A    393D BC04D777   cmp     dword ptr [77D704BC], edi
77D66240    74 1F           je      short 77D66261
77D66242    64:A1 18000000  mov     eax, dword ptr fs:[18]
77D66248    57              push    edi
77D66249    FF70 24         push    dword ptr [eax+24]
77D6624C    68 240BD777     push    77D70B24
77D66251    FF15 C812D177   call    dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D66257    85C0            test    eax, eax
77D66259    75 06           jnz     short 77D66261
77D6625B    891D 200BD777   mov     dword ptr [77D70B20], ebx
---------------------------------------------------------------------
77D66261    FF75 1C         push    dword ptr [ebp+1C]
77D66264    FF75 18         push    dword ptr [ebp+18]
77D66267    FF75 14         push    dword ptr [ebp+14]
77D6626A    FF75 F8         push    dword ptr [ebp-8]
77D6626D    FF75 FC         push    dword ptr [ebp-4]
77D66270    FF75 08         push    dword ptr [ebp+8]
77D66273    E8 E1FEFFFF     call    MessageBoxTimeoutW           ; look here, heh!~~
----------------------------------------------------------------------
77D66278    FF75 FC         push    dword ptr [ebp-4]
77D6627B    8B35 A413D177   mov     esi, dword ptr [<&KERNEL32.HeapF>; ntdll.RtlFreeHeap
77D66281    57              push    edi
77D66282    FF35 2402D777   push    dword ptr [77D70224]
77D66288    8BD8            mov     ebx, eax
77D6628A    FFD6            call    esi
77D6628C    397D F8         cmp     dword ptr [ebp-8], edi
77D6628F    74 0C           je      short 77D6629D
77D66291    FF75 F8         push    dword ptr [ebp-8]
77D66294    57              push    edi
77D66295    FF35 2402D777   push    dword ptr [77D70224]
77D6629B    FFD6            call    esi
77D6629D    8BC3            mov     eax, ebx
77D6629F    5F              pop     edi
77D662A0    5E              pop     esi
77D662A1    5B              pop     ebx
77D662A2    C9              leave
77D662A3    C2 1800         retn    18


Calling MessageBoxTimeoutW:

Program code:
.386
.Model Flat, StdCall
Option Casemap :None

Include        Windows.inc
Include        User32.inc
Include        Kernel32.inc

Include        /MASMPlus/macros/Strings.mac

IncludeLib    User32.lib
IncludeLib    Kernel32.lib

MessageBoxTimeoutW PROTO hWnd:DWORD,lpText:DWORD,lpCaption:DWORD,uType:DWORD,wLanguageId:WORD,dwMilliseconds:DWORD

.Code

Start Proc
    
    invoke    MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,-1
    ; MessageBoxTimeoutW has a timer feature
    ; the dwMilliseconds parameter sets the timer, in milliseconds; -1 means never close automatically
    invoke    MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,1000  ; closes automatically after 1 second
    ret
    
Start EndP

End Start




[ Last edited by sll0807 on 2009-10-16 16:03 ]
2009-10-16 12:55
东海一鱼
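Ah, nice.
Great as teaching material. Not much practical benefit, though, because this isn't commonly used.

If you're after real-world speed, it would be best to strip out all the wrappers in Kernel32 and map straight to the functions in Ntdll.dll. Then dig deeper into the GDI and GDI+ functions as well.

And come up with a "Direct Win32Api SDK"

[ Last edited by 东海一鱼 on 2009-10-16 15:16 ]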

2009-10-16 15:13
sll0807
Haha, looks like I wandered off topic, haha!~

The real point is: I recommend using Unicode

Direct Win32Api SDK, very nice and very powerful, haha
2009-10-16 15:53
zklhp
But how do you directly produce a Unicode Chinese string~
2009-10-17 19:29
sll0807
Program code:
.386 
.Model Flat,StdCall 
Option Casemap :None 
 
Include        Windows.inc 
Include        User32.inc 
Include        Kernel32.inc 
 
Include        /MASMPlus/Macros/Strings.Mac 
 
IncludeLib    User32.lib 
IncludeLib    Kernel32.lib 
 
MessageBoxTimeoutW PROTO hWnd:DWORD,lpText:DWORD,lpCaption:DWORD,uType:DWORD,wLanguageId:WORD,dwMilliseconds:DWORD 
 
.Data? 
usText        db    128 dup (?) 
usCaption    db    128 dup (?) 
 
.Code 
 
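; Converts the ANSI string at _lpszSourceBuf to UNICODE in _lpwszReturnBuf.
; cchWideChar is derived from the source length, not from the size of the
; destination, so the caller must supply a buffer of at least (lstrlen+1) WCHARs.
Ascii2Unicode     Proc _lpwszReturnBuf:DWORD,_lpszSourceBuf:DWORD 
     
    pushad                            ; preserve all registers, including EAX
    invoke    lstrlen,_lpszSourceBuf 
    inc        eax                    ; + terminating NUL
    invoke    MultiByteToWideChar,CP_ACP,0,_lpszSourceBuf,-1,_lpwszReturnBuf,eax 
    popad 
    ret 
     
Ascii2Unicode    EndP 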
 
Start    Proc 
 
    invoke    Ascii2Unicode,offset usText,CTEXT("这里是Text!") 
    invoke    Ascii2Unicode,offset usCaption,CTEXT("这里是Caption!") 
    invoke    MessageBoxTimeoutW,0,offset usText,offset usCaption,1,0,-1 
    invoke    Ascii2Unicode,offset usCaption,CTEXT("提示") 
     
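    ; Ascii2Unicode restores all registers (pushad/popad), so EAX still holds
    ; the return value of the MessageBoxTimeoutW call above
    .if eax == IDOK 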
        invoke    Ascii2Unicode,offset usText,CTEXT("您点了确定按钮!") 
        invoke    MessageBoxTimeoutW,0,offset usText,offset usCaption,0,0,-1 
         
    .elseif    eax == IDCANCEL 
        invoke    Ascii2Unicode,offset usText,CTEXT("您点了取消按钮!") 
        invoke    MessageBoxTimeoutW,0,offset usText,offset usCaption,0,0,-1 
         
    .endif 
     
    ret 
     
Start EndP 
 
End Start


Convert dynamically, or write your own macro!~

[ Last edited by sll0807 on 2009-10-18 11:06 ]
2009-10-18 10:52
sll0807
How ANSI and Unicode display on Japanese XP!~~~~~~~~~~

[ Last edited by sll0807 on 2009-10-18 17:28 ]
2009-10-18 17:27
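
Added example (not part of any post in this thread): a Python model of the ANSI-to-UNICODE step traced above and of the Japanese XP comparison, showing that the same ANSI bytes decode differently depending on the code page of the machine running the program while the W path does not, plus a conversion bounded by the destination buffer size as a contrast to Ascii2Unicode's source-length limit. The function names, the sample strings and the use of Python codecs in place of Windows code pages are assumptions of this example.

```python
# Added illustration, not code from the thread. Python codecs stand in for the
# Windows code pages (an assumption: gbk ~ CP936, cp932 ~ CP932, cp1252 ~ CP1252).
ACP_CODECS = {936: "gbk", 932: "cp932", 1252: "cp1252"}


def ansi_literal(text, build_acp):
    """Bytes stored in the EXE for an ANSI literal: build machine's code page + NUL."""
    return text.encode(ACP_CODECS[build_acp]) + b"\x00"


def wide_literal(text):
    """Bytes stored for a Unicode literal: UTF-16LE + 16-bit NUL."""
    return text.encode("utf-16-le") + b"\x00\x00"


def a_to_w(ansi_z, runtime_acp):
    """Model of the MBToWCSEx step: decode with the code page of the machine
    the program RUNS on, which need not be the one it was built on."""
    raw = ansi_z.split(b"\x00", 1)[0]
    return raw.decode(ACP_CODECS[runtime_acp], errors="replace")


def shown_by_w(wide_z):
    """The W entry point takes UTF-16 as is; no code page is consulted."""
    return wide_z.decode("utf-16-le").split("\x00", 1)[0]


def convert_bounded(ansi_z, acp, dest_bytes):
    """Conversion with the output limit taken from the destination buffer
    (dest_bytes // 2 WCHARs) rather than from the source length.
    Returns the UTF-16LE bytes written, or None if they would not fit."""
    wide = wide_literal(a_to_w(ansi_z, acp))
    return wide if len(wide) <= dest_bytes else None


def demo():
    text = "提示"                       # constructed sample
    ansi = ansi_literal(text, 936)      # built on a Simplified Chinese system
    wide = wide_literal(text)
    return {
        "A on CP936": a_to_w(ansi, 936),
        "A on CP932": a_to_w(ansi, 932),
        "A on CP1252": a_to_w(ansi, 1252),
        "W anywhere": shown_by_w(wide),
        "fits 128-byte buffer": convert_bounded(ansi, 936, 128) is not None,
        "70 hanzi fit 128 bytes": convert_bounded(
            ansi_literal("字" * 70, 936), 936, 128) is not None,
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label:24} {value!r}")
```

For the 70-character input, a limit computed as lstrlen+1 would be 141 WCHARs, while a 128-byte buffer holds 64; taking the limit from the destination size makes the conversion fail instead of writing past the buffer.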
zklhp
Quoting sll0807's post of 2009-10-18 10:52:31:

.386
.Model Flat,StdCall
Option Casemap :None
 
Include        Windows.inc
Include        User32.inc
Include        Kernel32.inc
 
Include        /MASMPlus/Macros/Strings.Mac
 
IncludeLib    Us ...

Dynamic conversion takes up too much space~
2009-10-18 17:57
zklhp
Quoting sll0807's post of 2009-10-18 10:52:31:

.386
.Model Flat,StdCall
Option Casemap :None
 
Include        Windows.inc
Include        User32.inc
Include        Kernel32.inc
 
Include        /MASMPlus/Macros/Strings.Mac
 
IncludeLib    Us ...

Macros aren't great either~
2009-10-18 17:57
sll0807
I'd like to know a good way too!~ If you have one, give me some pointers, hehe!~~~~~

[ Last edited by sll0807 on 2009-10-18 19:02 ]
2009-10-18 18:30
onepc
Learning from this.~~~
2009-10-20 09:17



To join the discussion, go to the original thread: https://bbs.bccn.net/thread-288762-1-1.html



