How to get information from objdump
https://stackoverflow.com/questions/2546571
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I encounter a problem when reading information dumped out from an executable file in linux. The information is as follows:
804a0ea: 04 08 add $0x8, %al
...
804a0f4: a6 cmpsb %es:(%edi),%ds:(%esi)
I have two questions:
- what does the address 804a0ea and 804a0f4 mean? the virtual address in the process's address space?
- what does the ... mean? how can I get instruction at address 804a0f0?
Thanks in advance.
More information around this part of code:
Disassembly of section .got.plt:
0804a0e8 <_GLOBAL_OFFSET_TABLE_>:
804a0e8: 14 a0 adc $0xa0,%al
804a0ea: 04 08 add $0x8,%al
...
804a0f4: a6 cmpsb %es:(%edi),%ds:(%esi)
804a0f5: 87 04 08 xchg %eax,(%eax,%ecx,1)
804a0f8: b6 87 mov $0x87,%dh
804a0fa: 04 08 add $0x8,%al
804a0fc: c6 87 04 08 d6 87 04 movb $0x4,-0x7829f7fc(%edi)
804a103: 08 e6 or %ah,%dh
804a105: 87 04 08 xchg %eax,(%eax,%ecx,1)
804a108: f6 87 04 08 06 88 04 testb $0x4,-0x77f9f7fc(%edi)
804a10f: 08 16 or %dl,(%esi)
804a111: 88 04 08 mov %al,(%eax,%ecx,1)
804a114: 26 88 04 08 mov %al,%es:(%eax,%ecx,1)
804a118: 36 88 04 08 mov %al,%ss:(%eax,%ecx,1)
804a11c: 46 inc %esi
Hope anyone can give me a hand.:-)
해결책
The global offset table is not pointing to code, it's pointing to data (hrm... offsets, actually). So trying to disassemble it will not give very meaningful code. (you can actually find which offsets by looking at the code values. 0804a014, ... 080487a6).
The ... usually mean a bunch of 0's are in the stream.
다른 팁
- Copy only the assembly code to the text editor
- On the first line type main: (assembly for main())
- And save the file as a *.s
- Open terminal and type gcc -s -o to compile or type in terminal gdb and then type layout asm and type then print
제휴하지 않습니다 StackOverflow
