[Discussion] How do I debug code in a BPL package called by a D7 program?
Posted: 2011-8-16 15:19 3045
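As the title says:
The program I currently have is a D7 program; it runs with the main exe calling BPL runtime packages.
Most of the forms are placed in the packages, and the main exe then calls them.
I'd like to ask the experts: for a program of this form, how do I set breakpoints with OD?
For example, what if I want to set a breakpoint on the event of some button on some form in a package?
That is, in the code below, ShareBpl.Logo::LogoFrm has a login button.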
00403808 > $ 55 PUSH EBP ; (initial CPU selection)
00403809 . 8BEC MOV EBP,ESP
0040380B . 83C4 F0 ADD ESP,-10
0040380E . 53 PUSH EBX
0040380F . 56 PUSH ESI
00403810 . 57 PUSH EDI
00403811 . B8 F02B4000 MOV EAX,00402BF0
00403816 . E8 49D8FFFF CALL 00401064
0040381B . 8B1D 147F4000 MOV EBX,DWORD PTR DS:[<&vcl70.Forms::Application>] ; vcl70.Forms::Application
00403821 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
00403823 . E8 48DEFFFF CALL <JMP.&vcl70.Forms::TApplication::Initialize>
00403828 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
0040382A . BA 50394000 MOV EDX,00403950 ; 电脑行业管理系统
0040382F . E8 34DEFFFF CALL <JMP.&vcl70.Forms::TApplication::SetTitle>
00403834 . 8B0D 70884000 MOV ECX,DWORD PTR DS:[<&ShareBpl.Dmbase::CustomerDM>] ; ShareBpl.Dmbase::CustomerDM
0040383A . 8B03 MOV EAX,DWORD PTR DS:[EBX]
0040383C . 8B15 74884000 MOV EDX,DWORD PTR DS:[<&ShareBpl.Dmbase::TCustomerDM::>] ; ShareBpl.Dmbase::TCustomerDM::
00403842 . E8 31DEFFFF CALL <JMP.&vcl70.Forms::TApplication::CreateForm>
00403847 . 8B0D 247F4000 MOV ECX,DWORD PTR DS:[<&ShareBpl.Main::MainForm>] ; ShareBpl.Main::MainForm
0040384D . 8B03 MOV EAX,DWORD PTR DS:[EBX]
0040384F . 8B15 287F4000 MOV EDX,DWORD PTR DS:[<&ShareBpl.Main::TMainForm::>] ; ShareBpl.Main::TMainForm::
00403855 . E8 1EDEFFFF CALL <JMP.&vcl70.Forms::TApplication::CreateForm>
0040385A . 8B0D 1C834000 MOV ECX,DWORD PTR DS:[<&ShareBpl.Sharedm::DataMdl>] ; ShareBpl.Sharedm::DataMdl
00403860 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
00403862 . 8B15 20834000 MOV EDX,DWORD PTR DS:[<&ShareBpl.Sharedm::TDataMdl::>] ; ShareBpl.Sharedm::TDataMdl::
00403868 . E8 0BDEFFFF CALL <JMP.&vcl70.Forms::TApplication::CreateForm>
0040386D . 8B0D 988B4000 MOV ECX,DWORD PTR DS:[<&ShareBpl.Logo::LogoFrm>] ; ShareBpl.Logo::LogoFrm
00403873 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
00403875 . 8B15 9C8B4000 MOV EDX,DWORD PTR DS:[<&ShareBpl.Logo::TLogoFrm::>] ; ShareBpl.Logo::TLogoFrm::
0040387B . E8 F8DDFFFF CALL <JMP.&vcl70.Forms::TApplication::CreateForm>
00403880 . 8B0D 848B4000 MOV ECX,DWORD PTR DS:[<&ResurceBpl.Resurcedm::ResDm>] ; resurceb.Resurcedm::ResDm
00403886 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
00403888 . 8B15 888B4000 MOV EDX,DWORD PTR DS:[<&ResurceBpl.Resurcedm::TResDm::>] ; resurceb.Resurcedm::TResDm::
0040388E . E8 E5DDFFFF CALL <JMP.&vcl70.Forms::TApplication::CreateForm>
00403893 . A1 1C834000 MOV EAX,DWORD PTR DS:[<&ShareBpl.Sharedm::DataMdl>]
00403898 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
0040389A . 05 98000000 ADD EAX,98
0040389F . 8B15 70884000 MOV EDX,DWORD PTR DS:[<&ShareBpl.Dmbase::CustomerDM>] ; ShareBpl.Dmbase::CustomerDM
004038A5 . 8B12 MOV EDX,DWORD PTR DS:[EDX]
004038A7 . 8B52 68 MOV EDX,DWORD PTR DS:[EDX+68]
004038AA . 85D2 TEST EDX,EDX
004038AC . 74 03 JE SHORT 004038B1
004038AE . 83EA D4 SUB EDX,-2C
004038B1 > B9 64394000 MOV ECX,00403964
004038B6 . E8 7DD7FFFF CALL <JMP.&rtl70.System::IntfCast>
004038BB . A1 988B4000 MOV EAX,DWORD PTR DS:[<&ShareBpl.Logo::LogoFrm>]
004038C0 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
004038C2 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
004038C4 . FF92 EC000000 CALL DWORD PTR DS:[EDX+EC]
004038CA . 48 DEC EAX
004038CB . 75 09 JNZ SHORT 004038D6
004038CD . 8B03 MOV EAX,DWORD PTR DS:[EBX]
004038CF . E8 ACDDFFFF CALL <JMP.&vcl70.Forms::TApplication::Run>