In Figure 2-14, byteArray is a 256-character array whose content is byteArray[] = {0, 1, ..., 0xff}.
Here is the disassembly of the function:
Figure 2-14. Practical Reverse Engineering. © 2014 by Bruce Dang
The ARM processor is in Thumb state. We infer that this function takes two strings, since it compares bytes and a null byte ends the main loop. A third argument can also terminate the main loop early. The function translates to C in a pretty straightforward way:
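```c
#include <stdint.h>

int32_t comparison(char *str1, char *str2, uint32_t count)
{
    /* LDR R6, =byteArray */
    /* Identity table, byteArray[i] == i. It is constant data in the
     * binary; it is filled at run time here so the listing compiles. */
    static uint8_t byteArray[256];
    static int tableReady;

    if (!tableReady)
    {
        for (int i = 0; i < 256; ++i)
            byteArray[i] = (uint8_t)i;
        tableReady = 1;
    }

    /* CMP R2, #0 */
    while (count > 0)
    {
        --count;                /* SUBS R2, #1 */
        /* LDRB R5, [R0] */
        /* CBZ R5, loc_100E352 */
        if (*str1 == '\0')
            break;
        /* LDRB R3, [R1] */
        /* LDRB R4, [R3,R6] */
        /* LDRB R3, [R5,R6] */
        /* CMP R3, R4 */
        /* LDRB zero-extends, so the table is indexed with an unsigned byte */
        if (byteArray[(uint8_t)*str1] != byteArray[(uint8_t)*str2])
            break;
        ++str1;                 /* ADDS R0, #1 */
        ++str2;                 /* ADDS R1, #1 */
    }
    /* SUBS R2, #1 */
    /* CMP R2, #0 */
    /* count is unsigned, so as written this test is always true */
    if ((count - 1) >= 0)
    {
        /* LDRB R2, [R3,R6] */
        /* LDRB R3, [R3,R6] */
        /* SUBS R0, R3, R2 */
        return byteArray[(uint8_t)*str1] - byteArray[(uint8_t)*str2];
    }
    return 0;                   /* MOVS R0, #0 */
}
```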
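
An added example, not code from the book or from the binary: a table-driven bounded compare that goes beyond the identity table above to show why a 256-entry lookup in a compare loop is worth recognizing. The names `table_ncmp`, `identity_table` and `fold_table`, and the ASCII case-folding table, are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

static uint8_t identity_tbl[256], fold_tbl[256];  /* constructed sample tables */
static int tables_ready;

static void init_tables(void)
{
    for (int i = 0; i < 256; ++i) {
        identity_tbl[i] = (uint8_t)i;             /* same content as byteArray */
        fold_tbl[i] = (uint8_t)((i >= 'A' && i <= 'Z') ? i + 32 : i);
    }
    tables_ready = 1;
}

const uint8_t *identity_table(void) { if (!tables_ready) init_tables(); return identity_tbl; }
const uint8_t *fold_table(void)     { if (!tables_ready) init_tables(); return fold_tbl; }

/* Compare at most n bytes, mapping each byte through tbl first.
 * Bytes are read as unsigned char (what LDRB does), so a byte >= 0x80
 * indexes tbl[128..255] rather than memory in front of the table. */
int table_ncmp(const char *s1, const char *s2, size_t n, const uint8_t *tbl)
{
    const unsigned char *a = (const unsigned char *)s1;
    const unsigned char *b = (const unsigned char *)s2;

    for (; n > 0; --n, ++a, ++b) {
        if (tbl[*a] != tbl[*b])
            return tbl[*a] - tbl[*b];   /* first mapped difference */
        if (*a == '\0')
            return 0;                   /* both strings ended together */
    }
    return 0;                           /* first n bytes matched */
}

int main(void)
{
    printf("identity: %d\n", table_ncmp("Hello", "hELLO", 5, identity_table()));
    printf("folded:   %d\n", table_ncmp("Hello", "hELLO", 5, fold_table()));
    printf("high:     %d\n", table_ncmp("\xe9", "a", 1, identity_table()));
    return 0;
}
```

With the identity table the routine orders strings by raw byte value; swapping in the folding table turns the same loop into a case-insensitive compare.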
