Java逆向基础之常量入栈指令
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Java逆向基础之常量入栈指令相关的知识,希望对你有一定的参考价值。
常量入栈指令有iconst、bipush、sipush、ldc、ldc2_w分别对应不同的使用场景
以下两个表简单总结了使用场景
八大基本类型场景表
指令场景表
以下是简单的例子
×××常量0的例子iconst
public class ret { public static int main(String[] args) { return 0; } }
编译
javac ret.java
Java标准反编译
javap -c -verbose ret.class
... major version: 52 ... public static int main(java.lang.String[]); descriptor: ([Ljava/lang/String;)I flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: iconst_0 1: ireturn LineNumberTable: line 5: 0
注意其中的0: iconst_0即可
×××常量123的例子bipush
public class ret { public static int main(String[] args) { return 123; } }
反编译
... major version: 52 ... public static int main(java.lang.String[]); descriptor: ([Ljava/lang/String;)I flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: bipush 123 2: ireturn LineNumberTable: line 5: 0
注意其中的0: bipush 123
×××常量1234的例子sipush
public class ret { public static int main(String[] args) { return 1234; } }
反编译
... major version: 52 ... public static int main(java.lang.String[]); descriptor: ([Ljava/lang/String;)I flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: sipush 1234 3: ireturn LineNumberTable: line 5: 0
注意其中的 0: sipush 1234
×××常量12345678的例子ldc
public class ret { public static int main(String[] args) { return 12345678; } }
反编译
... major version: 52 ... #2 = Integer 12345678 ... public static int main(java.lang.String[]); descriptor: ([Ljava/lang/String;)I flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: ldc #2 // int 12345678 2: ireturn LineNumberTable: line 5: 0
布尔型true例子iconst
public class ret { public static boolean main(String[] args) { return true; } }
反编译
... major version: 52 ... public static boolean main(java.lang.String[]); descriptor: ([Ljava/lang/String;)Z flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: iconst_1 1: ireturn LineNumberTable: line 5: 0
注意0: iconst_1即ture用常量1表示
短整型short例子
public class ret { public static short main(String[] args) { return 1234; } }
反编译
... major version: 52 ... public static short main(java.lang.String[]); descriptor: ([Ljava/lang/String;)S flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: sipush 1234 3: ireturn LineNumberTable: line 5: 0
注意0: sipush 1234
字符型A例子
public class ret { public static char main(String[] args) { return 'A'; } }
反编译
... major version: 52 ... public static char main(java.lang.String[]); descriptor: ([Ljava/lang/String;)C flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: bipush 65 2: ireturn LineNumberTable: line 5: 0
注意0: bipush 65
字符型中例子
public class ret { public static char main(String[] args) { return '中'; } }
反编译
... major version: 52 ... public static char main(java.lang.String[]); descriptor: ([Ljava/lang/String;)C flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: sipush 20013 3: ireturn LineNumberTable: line 5: 0
注意0: sipush 20013
byte类型123列子
public class ret { public static byte main(String[] args) { return 123; } }
反编译
... major version: 52 ... public static byte main(java.lang.String[]); descriptor: ([Ljava/lang/String;)B flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: bipush 123 2: ireturn LineNumberTable: line 5: 0
注意 0: bipush 123
long类型1234567890123456789L例子
public class ret { public static long main(String[] args) { return 1234567890123456789l; } }
反编译
... major version: 52 ... #2 = Long 1234567890123456789l ... public static long main(java.lang.String[]); descriptor: ([Ljava/lang/String;)J flags: ACC_PUBLIC, ACC_STATIC Code: stack=2, locals=1, args_size=1 0: ldc2_w #2 // long 1234567890123456789l 3: lreturn LineNumberTable: line 5: 0
注意0: ldc2_w #2 // long 1234567890123456789l
浮点类型123.456d的例子
public class ret { public static double main(String[] args) { return 123.456d; } }
反编译
... major version: 52 ... #2 = Double 123.456d ... public static double main(java.lang.String[]); descriptor: ([Ljava/lang/String;)D flags: ACC_PUBLIC, ACC_STATIC Code: stack=2, locals=1, args_size=1 0: ldc2_w #2 // double 123.456d 3: dreturn LineNumberTable: line 5: 0
注意0: ldc2_w #2 // double 123.456d
浮点类型123.456f的例子
public class ret { public static float main(String[] args) { return 123.456f; } }
反编译
... major version: 52 ... #2 = Float 123.456f ... public static float main(java.lang.String[]); descriptor: ([Ljava/lang/String;)F flags: ACC_PUBLIC, ACC_STATIC Code: stack=1, locals=1, args_size=1 0: ldc #2 // float 123.456f 2: freturn LineNumberTable: line 5: 0
注意0: ldc #2 // float 123.456f
以上是关于Java逆向基础之常量入栈指令的主要内容,如果未能解决你的问题,请参考以下文章
Android 逆向x86 汇编 ( push / pop 入栈 / 出栈 指令 | ret / retn 函数调用返回指令 | set 设置目标值指令 )
Android 逆向x86 汇编 ( push / pop 入栈 / 出栈 指令 | ret / retn 函数调用返回指令 | set 设置目标值指令 )