flag = ; = ; = ;
top = ~ Left : left = ~ Right : right = ~ Bottom : Left, bottom = ~
ecx,[b] :`vbase destructor
dword ptr [ebp-],ecx ecx,dword ptr [this] ecx,1Ch :~Bottom (1281055h) ecx,dword ptr [this] ecx,1Ch :~Top (1281096h)
dword ptr [ebp-14h],ecx eax,dword ptr [ebp-14h] dword ptr [eax-1Ch],offset :`vftable (0C1674Ch) eax,dword ptr [ebp-14h] ecx,dword ptr [eax-18h] edx,dword ptr [ecx+] eax,dword ptr [ebp-14h] dword ptr [eax+edx-18h],offset :`vftable (1286874h) eax,dword ptr [this] ecx,dword ptr [eax-] edx,dword ptr [ecx+] eax,dword ptr [this] dword ptr [eax+edx-],offset :`vftable
圖1 圖2 圖3
; Debugger disassembly excerpt (x86, 32-bit, Intel syntax): writes two Right::`vftable'
; addresses into the object, one at [this-0Ch] and one into the virtual base Top subobject.
; NOTE(review): the function's prologue and epilogue are not shown; presumably this is part of
; Right's destructor - confirm against the full listing.
01281C23 mov eax,dword ptr [this];eax = this pointer
01281C26 mov dword ptr [eax-0Ch],offset Right::`vftable' (1286874h);store the vftable address 12 bytes below this: first vftable pointer set
01281C2D mov eax,dword ptr [this];eax = this pointer
01281C30 mov ecx,dword ptr [eax-8] ;ecx = dword stored 8 bytes below this (the vbtable address, per the original annotation)
01281C33 mov edx,dword ptr [ecx+4];edx = vbtable entry at offset 4: the offset from the vbtable pointer to the virtual base Top subobject
01281C36 mov eax,dword ptr [this] ;eax = this pointer
01281C39 mov dword ptr [eax+edx-8],offset Right::`vftable' (1286814h) ;eax = this, edx = offset, so eax+edx-8 is the start of the virtual base Top subobject
;the vftable address is stored there: second vftable pointer set
;(a different table, 1286814h, from the one stored at [this-0Ch], 1286874h)
dword ptr [ebp-],ecx eax,dword ptr [this] dword ptr [eax-0Ch],offset :`vftable (1286788h)
dword ptr [ebp-],ecx eax,dword ptr [this] dword ptr [eax],offset :`vftable