Question

I'm trying to play around with ROP programming and therefore I am using gdb. So I am trying to follow this step:

(gdb) print not_called
$1 = {<text variable, no debug info>} 0x8048444 <not_called>

but when I am running this command I get something like this:

(gdb) print not_called
$1 = {void ()} 0x40062d <not_called>

I am running this on a 64-bit machine:

dirk@discordia:~/devel$ uname -p
x86_64

Am I doing something wrong, or is it correct that the addresses on my machine are two bytes less than in the tutorial? And if it's just a gdb switch or something that makes the addresses on my machine display shorter, how can I switch the way the addresses are displayed?


Solution

You're running on a 64-bit system, which defaults programs to the 0x400000 page, and the tutorial was built on a 32-bit system, which defaults to the 0x8048000 page.

There is no issue.

(And if gdb didn't turn off ASLR, neither of those numbers would match, as the base page address would have been randomized 'for your protection'.)
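To make the answer's point concrete, here is an added example (not part of the original answer) that reads the ELF header fields deciding where a binary's text is mapped: it distinguishes the 32-bit fixed base 0x8048000 from the 64-bit fixed base 0x400000, and flags PIE binaries, whose base only stays put when ASLR is off (as gdb does by default). The headers it parses are constructed in the script, not taken from a real binary.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3          # e_type: fixed-address executable vs PIE/shared object
EM_386, EM_X86_64 = 3, 62       # e_machine values for the two architectures in the question

def parse_elf_header(data: bytes) -> dict:
    """Pull the fields that decide where the text segment is mapped out of an ELF header."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    endian = "<" if ei_data == 1 else ">"
    if ei_class == 2:                # ELFCLASS64: 64-byte header, 8-byte e_entry
        fmt = endian + "HHIQQQIHHHHHH"
    elif ei_class == 1:              # ELFCLASS32: 52-byte header, 4-byte e_entry
        fmt = endian + "HHIIIIIHHHHHH"
    else:
        raise ValueError("unknown EI_CLASS")
    e_type, e_machine, _ver, e_entry = struct.unpack_from(fmt, data, 16)[:4]
    return {"bits": 64 if ei_class == 2 else 32, "type": e_type,
            "machine": e_machine, "entry": e_entry}

def expected_text_base(hdr: dict):
    """Conventional Linux load base for a non-PIE binary; None when the loader picks it (PIE)."""
    if hdr["type"] == ET_DYN:
        return None                  # PIE: base is randomized unless ASLR is off (gdb turns it off by default)
    if hdr["machine"] == EM_386:
        return 0x08048000            # 32-bit x86 default, the page the tutorial was built on
    if hdr["machine"] == EM_X86_64:
        return 0x400000              # x86-64 default, the page on the asker's machine
    return None

def make_header(bits: int, e_type: int, e_machine: int, entry: int) -> bytes:
    """Build a constructed (not real) ELF header carrying only the fields this page cares about."""
    ident = ELF_MAGIC + bytes([2 if bits == 64 else 1, 1, 1, 0]) + b"\x00" * 8
    if bits == 64:
        return ident + struct.pack("<HHIQQQIHHHHHH", e_type, e_machine, 1, entry, 64, 0, 0, 64, 56, 0, 64, 0, 0)
    return ident + struct.pack("<HHIIIIIHHHHHH", e_type, e_machine, 1, entry, 52, 0, 0, 52, 32, 0, 40, 0, 0)

if __name__ == "__main__":
    samples = {                      # constructed sample headers, entry values are illustrative
        "tutorial (32-bit, non-PIE)": make_header(32, ET_EXEC, EM_386, 0x080483A0),
        "asker (64-bit, non-PIE)": make_header(64, ET_EXEC, EM_X86_64, 0x400500),
        "modern default (64-bit PIE)": make_header(64, ET_DYN, EM_X86_64, 0x1060),
    }
    for name, blob in samples.items():
        hdr = parse_elf_header(blob)
        base = expected_text_base(hdr)
        where = f"fixed base {base:#x}" if base is not None else "PIE, base chosen by the loader"
        print(f"{name}: ELF{hdr['bits']} entry={hdr['entry']:#x} -> {where}")
```

Run it against a real binary by replacing the constructed blob with the first 64 bytes of the file; a PIE result means the addresses gdb shows are only stable because it disabled ASLR for that session.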

Other tips

This is indeed the right address.

The output is only one byte 'short'. That is because the function is mapped at 0x0040062d. The leading zero byte is stripped by gdb.

Licensed under: CC-BY-SA with attribution