ARM-8 代码还原动态调试之 pstree 多个条件跳转

xiaozhiwise

已于 2024-09-14 00:30:34 修改

阅读量422

点赞数 13

分类专栏： Assembly 文章标签：汇编

于 2024-09-13 16:56:44 首次发布

本文链接：https://blog.csdn.net/xiaozhiwise/article/details/142214949

版权

Assembly 专栏收录该内容

527 篇文章 3 订阅

订阅专栏

  402600:	b9405360 	ldr	w0, [x27, #80]      // w0=show_parents, 调试确认为 show_parents
  402604:	f9400774 	ldr	x20, [x27, #8]      // x20=list
  402608:	7100001f 	cmp	w0, #0x0            // show_parents ?= 0
  40260c:	b9401fe0 	ldr	w0, [sp, #28]       // w0=pid_set
  402610:	1a9f07e2 	cset	w2, ne  // ne = any // w2=(show_parents ?= 0) ? 1:0
  402614:	0a000042 	and	w2, w2, w0          // show_parents & pid_set
  402618:	b40029d4 	cbz	x20, 402b50 <ferror@plt+0xc70>  // list = null
    // 此处if为多余代码
    if (list == NULL) {
        // cbn 402b50
    }

  40261c:	b9401be3 	ldr	w3, [sp, #24]       // w3=highlight
  402620:	aa1403e0 	mov	x0, x20             // x0=x20=walk=list
  402624:	14000003 	b	402630 <ferror@plt+0x750>
  402628:	f9406000 	ldr	x0, [x0, #192]      // x0=walk->next
  40262c:	b4000140 	cbz	x0, 402654 <ferror@plt+0x774>   // walk->next = null
  402630:	b9405401 	ldr	w1, [x0, #84]       // w1=walk->pid
  402634:	6b01007f 	cmp	w3, w1              // walk->pid ?= highlight
  402638:	54ffff81 	b.ne	402628 <ferror@plt+0x748>  // b.any
        for (walk = list; walk; walk = walk->next) {
            if (walk->pid != highlight) {
                // b.ne 402628               
                // 不相等就直到 walk->next 为空再跳到 402654 。
            }
            else if (walk->pid == highlight) {
                // 相等就顺序执行 40263c ，
                break;
            }
        }

  40263c:	d503201f 	nop
  402640:	39428001 	ldrb	w1, [x0, #160]  // w1=walk->flags
  402644:	32000021 	orr	w1, w1, #0x1        // w1=walk->flags|0x1
  402648:	39028001 	strb	w1, [x0, #160]  // walk->flags=w1
         do {
            walk->flags |= 0x1;          

  40264c:	f9405c00 	ldr	x0, [x0, #184]      // x0=walk->parent
  402650:	b5ffff80 	cbnz	x0, 402640 <ferror@plt+0x760>   // walk->parent != null

            walk = walk->parent
         } while (walk != NULL);
      
      把以上代码可以写成:  
      for (current = find_proc(highlight); current; current = current->parent) {
            // cbnz 402640
            current->flags |= 0x1;
       }

  402654:	35002422 	cbnz	w2, 402ad8 <ferror@plt+0xbf8>   // w2 != 0
        if (show_parents & pid_set != 0) {
            // cbnz 402ad8
        }

  402658:	7100239f 	cmp	w28, #0x8       // w28=nsid
  40265c:	54000e40 	b.eq	402824 <ferror@plt+0x944>  // b.none
        if (nsid == 0x8) {
            // b.eq 402824
        }

代码还原：

    // 此处if为多余代码
    if (list == NULL) {
        // cbn 402b50
    }
    else {
        // cbz x0, 402654
        for (current = find_proc(highlight); current; current = current->parent) {
            // cbnz 402640
            current->flags |= PFLAG_HILIGHT;
        }
    }
    // order 402654

    // cbn 402b50   # 此处为多余代码
    #if 0
    if (show_parents & pid_set == 0) {
        // cbz 402658
    }
    #endif
    // 402654
    if (show_parents & pid_set != 0) {
        // cbnz 402ad8
        PROC *child_proc;
        if ( (child_proc = find_proc(pid)) == NULL) {
            // cbz 402b54
            fprintf(stderr, _("Process %d not found.\n"), pid);
            return 1;