tesuji · September 20, 2018 05:42
diff --git a/ioli-6.asm b/ioli-6.asm
 ┌ (fcn) sym.check 127
 │   sym.check (char *s, int arg_ch);
 │           ; var char *local_dh @ ebp-0xd
 │           ; var unsigned int local_ch @ ebp-0xc
 │           ; var unsigned int local_8h @ ebp-0x8
 │           ; var int local_4h @ ebp-0x4
 │           ; arg char *s @ ebp+0x8
 │           ; arg int arg_ch @ ebp+0xc
 │           ; var char *format @ esp+0x4
 │           ; var int local_8h_2 @ esp+0x8
 │           ; CALL XREF from sym.main (0x804865e)
 │           0x08048588      55             push ebp
 │           0x08048589      89e5           mov ebp, esp
 │           0x0804858b      83ec28         sub esp, 0x28               ; '('
 │           0x0804858e      c745f8000000.  mov dword [local_8h], 0
 │           0x08048595      c745f4000000.  mov dword [local_ch], 0
 │           ; CODE XREF from sym.check (0x80485f7)
 │       ┌─> 0x0804859c      8b4508         mov eax, dword [s]          ; [0x8:4]=-1 ; 8
 │       ⁝   0x0804859f      890424         mov dword [esp], eax        ; const char *s
 │       ⁝   0x080485a2      e801feffff     call sym.imp.strlen         ; size_t strlen(const char *s)
 │       ⁝   0x080485a7      3945f4         cmp dword [local_ch], eax   ; [0x13:4]=-1 ; 19
 │      ┌──< 0x080485aa      734d           jae 0x80485f9
 │      │⁝   0x080485ac      8b45f4         mov eax, dword [local_ch]
 │      │⁝   0x080485af      034508         add eax, dword [s]
 │      │⁝   0x080485b2      0fb600         movzx eax, byte [eax]
 │      │⁝   0x080485b5      8845f3         mov byte [local_dh], al
 │      │⁝   0x080485b8      8d45fc         lea eax, [local_4h]
 │      │⁝   0x080485bb      89442408       mov dword [local_8h_2], eax ;   ...
 │      │⁝   0x080485bf      c74424043d87.  mov dword [format], 0x804873d ; [0x804873d:4]=0x50006425 ; const char *format
 │      │⁝   0x080485c7      8d45f3         lea eax, [local_dh]
 │      │⁝   0x080485ca      890424         mov dword [esp], eax        ; const char *s
 │      │⁝   0x080485cd      e8f6fdffff     call sym.imp.sscanf         ; int sscanf(const char *s, const char *format,   ...)
 │      │⁝   0x080485d2      8b55fc         mov edx, dword [local_4h]
 │      │⁝   0x080485d5      8d45f8         lea eax, [local_8h]
 │      │⁝   0x080485d8      0110           add dword [eax], edx
 │      │⁝   0x080485da      837df810       cmp dword [local_8h], 0x10  ; [0x10:4]=-1 ; 16
 │     ┌───< 0x080485de      7512           jne 0x80485f2
 │     ││⁝   0x080485e0      8b450c         mov eax, dword [arg_ch]     ; [0xc:4]=-1 ; 12
 │     ││⁝   0x080485e3      89442404       mov dword [format], eax
 │     ││⁝   0x080485e7      8b4508         mov eax, dword [s]          ; [0x8:4]=-1 ; 8
 │     ││⁝   0x080485ea      890424         mov dword [esp], eax
 │     ││⁝   0x080485ed      e828ffffff     call sym.parell
 │     ││⁝   ; CODE XREF from sym.check (0x80485de)
 │     └───> 0x080485f2      8d45f4         lea eax, [local_ch]
 │      │⁝   0x080485f5      ff00           inc dword [eax]
 │      │└─< 0x080485f7      eba3           jmp 0x804859c
 │      │    ; CODE XREF from sym.check (0x80485aa)
 │      └──> 0x080485f9      c704244e8704.  mov dword [esp], str.Password_Incorrect ; [0x804874e:4]=0x73736150 ; "Password Incorrect!\n" ; const char *format
 │           0x08048600      e8b3fdffff     call sym.imp.printf         ; int printf(const char *format)
 │           0x08048605      c9             leave
 └           0x08048606      c3             ret
	┌ (fcn) sym.check 127
	│ sym.check (char *s, int arg_ch);
	│ ; var char *local_dh @ ebp-0xd
	│ ; var unsigned int local_ch @ ebp-0xc
	│ ; var unsigned int local_8h @ ebp-0x8
	│ ; var int local_4h @ ebp-0x4
	│ ; arg char *s @ ebp+0x8
	│ ; arg int arg_ch @ ebp+0xc
	│ ; var char *format @ esp+0x4
	│ ; var int local_8h_2 @ esp+0x8
	│ ; CALL XREF from sym.main (0x804865e)
	│ 0x08048588 55 push ebp
	│ 0x08048589 89e5 mov ebp, esp
	│ 0x0804858b 83ec28 sub esp, 0x28 ; '('
	│ 0x0804858e c745f8000000. mov dword [local_8h], 0
	│ 0x08048595 c745f4000000. mov dword [local_ch], 0
	│ ; CODE XREF from sym.check (0x80485f7)
	│ ┌─> 0x0804859c 8b4508 mov eax, dword [s] ; [0x8:4]=-1 ; 8
	│ ⁝ 0x0804859f 890424 mov dword [esp], eax ; const char *s
	│ ⁝ 0x080485a2 e801feffff call sym.imp.strlen ; size_t strlen(const char *s)
	│ ⁝ 0x080485a7 3945f4 cmp dword [local_ch], eax ; [0x13:4]=-1 ; 19
	│ ┌──< 0x080485aa 734d jae 0x80485f9
	│ │⁝ 0x080485ac 8b45f4 mov eax, dword [local_ch]
	│ │⁝ 0x080485af 034508 add eax, dword [s]
	│ │⁝ 0x080485b2 0fb600 movzx eax, byte [eax]
	│ │⁝ 0x080485b5 8845f3 mov byte [local_dh], al
	│ │⁝ 0x080485b8 8d45fc lea eax, [local_4h]
	│ │⁝ 0x080485bb 89442408 mov dword [local_8h_2], eax ; ...
	│ │⁝ 0x080485bf c74424043d87. mov dword [format], 0x804873d ; [0x804873d:4]=0x50006425 ; const char *format
	│ │⁝ 0x080485c7 8d45f3 lea eax, [local_dh]
	│ │⁝ 0x080485ca 890424 mov dword [esp], eax ; const char *s
	│ │⁝ 0x080485cd e8f6fdffff call sym.imp.sscanf ; int sscanf(const char s, const char format, ...)
	│ │⁝ 0x080485d2 8b55fc mov edx, dword [local_4h]
	│ │⁝ 0x080485d5 8d45f8 lea eax, [local_8h]
	│ │⁝ 0x080485d8 0110 add dword [eax], edx
	│ │⁝ 0x080485da 837df810 cmp dword [local_8h], 0x10 ; [0x10:4]=-1 ; 16
	│ ┌───< 0x080485de 7512 jne 0x80485f2
	│ ││⁝ 0x080485e0 8b450c mov eax, dword [arg_ch] ; [0xc:4]=-1 ; 12
	│ ││⁝ 0x080485e3 89442404 mov dword [format], eax
	│ ││⁝ 0x080485e7 8b4508 mov eax, dword [s] ; [0x8:4]=-1 ; 8
	│ ││⁝ 0x080485ea 890424 mov dword [esp], eax
	│ ││⁝ 0x080485ed e828ffffff call sym.parell
	│ ││⁝ ; CODE XREF from sym.check (0x80485de)
	│ └───> 0x080485f2 8d45f4 lea eax, [local_ch]
	│ │⁝ 0x080485f5 ff00 inc dword [eax]
	│ │└─< 0x080485f7 eba3 jmp 0x804859c
	│ │ ; CODE XREF from sym.check (0x80485aa)
	│ └──> 0x080485f9 c704244e8704. mov dword [esp], str.Password_Incorrect ; [0x804874e:4]=0x73736150 ; "Password Incorrect!\n" ; const char *format
	│ 0x08048600 e8b3fdffff call sym.imp.printf ; int printf(const char *format)
	│ 0x08048605 c9 leave
	└ 0x08048606 c3 ret