stackoom
  简体   繁体   中英

Program wont run after modification in Assembly with GDB

 原文  2017-02-08 16:21:57       linux/ debugging/ assembly/ gdb

Question

I have only the .out file and I am trying to change an integer with GDB. 

(gdb) disas/r main
Dump of assembler code for function main:

0x080484da <+0>:    8d 4c 24 04 lea    0x4(%esp),%ecx
0x080484de <+4>:    83 e4 f0    and    $0xfffffff0,%esp
0x080484e1 <+7>:    ff 71 fc    pushl  -0x4(%ecx)
0x080484e4 <+10>:   55  push   %ebp
0x080484e5 <+11>:   89 e5   mov    %esp,%ebp
0x080484e7 <+13>:   51  push   %ecx
0x080484e8 <+14>:   83 ec 14    sub    $0x14,%esp
0x080484eb <+17>:   c7 45 f0 00 00 00 00    movl   $0x0,-0x10(%ebp)
0x080484f2 <+24>:   c7 45 f4 00 00 00 00    movl   $0x0,-0xc(%ebp)
0x080484f9 <+31>:   83 ec 0c    sub    $0xc,%esp
0x080484fc <+34>:   6a 00   push   $0x0
0x080484fe <+36>:   e8 6d fe ff ff  call   0x8048370 <time@plt>
0x08048503 <+41>:   83 c4 10    add    $0x10,%esp
0x08048506 <+44>:   83 ec 0c    sub    $0xc,%esp
0x08048509 <+47>:   50  push   %eax
0x0804850a <+48>:   e8 81 fe ff ff  call   0x8048390 <srand@plt>
0x0804850f <+53>:   83 c4 10    add    $0x10,%esp
0x08048512 <+56>:   e8 99 fe ff ff  call   0x80483b0 <rand@plt>
0x08048517 <+61>:   89 c1   mov    %eax,%ecx
0x08048519 <+63>:   ba 67 66 66 66  mov    $0x66666667,%edx
0x0804851e <+68>:   89 c8   mov    %ecx,%eax
0x08048520 <+70>:   f7 ea   imul   %edx
0x08048522 <+72>:   c1 fa 02    sar    $0x2,%edx
0x08048525 <+75>:   89 c8   mov    %ecx,%eax
0x08048527 <+77>:   c1 f8 1f    sar    $0x1f,%eax
0x0804852a <+80>:   29 c2   sub    %eax,%edx
0x0804852c <+82>:   89 d0   mov    %edx,%eax
0x0804852e <+84>:   89 45 f4    mov    %eax,-0xc(%ebp)
0x08048531 <+87>:   8b 55 f4    mov    -0xc(%ebp),%edx
0x08048534 <+90>:   89 d0   mov    %edx,%eax
0x08048536 <+92>:   c1 e0 02    shl    $0x2,%eax
0x08048539 <+95>:   01 d0   add    %edx,%eax
0x0804853b <+97>:   01 c0   add    %eax,%eax
0x0804853d <+99>:   29 c1   sub    %eax,%ecx
0x0804853f <+101>:  89 c8   mov    %ecx,%eax
0x08048541 <+103>:  89 45 f4    mov    %eax,-0xc(%ebp)
0x08048544 <+106>:  83 ec 08    sub    $0x8,%esp
0x08048547 <+109>:  ff 75 f4    pushl  -0xc(%ebp)
0x0804854a <+112>:  68 50 86 04 08  push   $0x8048650
0x0804854f <+117>:  e8 0c fe ff ff  call   0x8048360 <printf@plt>
0x08048554 <+122>:  83 c4 10    add    $0x10,%esp
0x08048557 <+125>:  83 7d f4 05 cmpl   $0x5,-0xc(%ebp) 
0x0804855b <+129>:  7e 2a   jle    0x8048587 <main+173>
==>  0x0804855d <+131>: c7 45 f0 00 04 00 00    movl   $0x400,-0x10(%ebp)
0x08048564 <+138>:  83 ec 0c    sub    $0xc,%esp
0x08048567 <+141>:  ff 75 f0    pushl  -0x10(%ebp)
0x0804856a <+144>:  e8 5c ff ff ff  call   0x80484cb <dump>
0x0804856f <+149>:  83 c4 10    add    $0x10,%esp
0x08048572 <+152>:  83 ec 08    sub    $0x8,%esp
0x08048575 <+155>:  ff 75 f0    pushl  -0x10(%ebp)
0x08048578 <+158>:  68 82 86 04 08  push   $0x8048682
0x0804857d <+163>:  e8 de fd ff ff  call   0x8048360 <printf@plt>
0x08048582 <+168>:  83 c4 10    add    $0x10,%esp
0x08048585 <+171>:  eb 28   jmp    0x80485af <main+213>
0x08048587 <+173>:  c7 45 f0 8f 02 00 00    movl   $0x28f,-0x10(%ebp)
0x0804858e <+180>:  83 ec 0c    sub    $0xc,%esp
0x08048591 <+183>:  ff 75 f0    pushl  -0x10(%ebp)
0x08048594 <+186>:  e8 32 ff ff ff  call   0x80484cb <dump>
0x08048599 <+191>:  83 c4 10    add    $0x10,%esp
0x0804859c <+194>:  83 ec 08    sub    $0x8,%esp
0x0804859f <+197>:  ff 75 f0    pushl  -0x10(%ebp)
0x080485a2 <+200>:  68 82 86 04 08  push   $0x8048682
0x080485a7 <+205>:  e8 b4 fd ff ff  call   0x8048360 <printf@plt>
0x080485ac <+210>:  83 c4 10    add    $0x10,%esp
0x080485af <+213>:  83 ec 0c    sub    $0xc,%esp
0x080485b2 <+216>:  6a 05   push   $0x5
0x080485b4 <+218>:  e8 c7 fd ff ff  call   0x8048380 <sleep@plt>
0x080485b9 <+223>:  83 c4 10    add    $0x10,%esp
0x080485bc <+226>:  e9 51 ff ff ff  jmp    0x8048512 <main+56>
End of assembler dump.

I have to change 400 with 500 in line 0x0804855d <+131> so I do 

set *(0x0804855d+4) = 0x05

and then 

(gdb) disas/r main
.....
0x0804855d <+131>: c7 45 f0 00 05 00 00   movl $0x500,-0x10(%edb)
.....

But when I will try to run it I will get SIGILL and the execution will stop. Anything obvious? Or not.?

1 answers

solution1
 2  2017-02-08 22:43:07

Ross Ridge is exactly right.

Instead of set *(0x0804855d+4) = 0x05 , you should do set *(0x0804855d+3) = 0x500 , or set *(char*)0x8048561 = 0x5

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Assembly program no debugging symbols found in GDB Can GDB change the assembly code of a running program? Linux Sys_execve wont run in assembly GDB - Assembly program returns /bin/sh: 0: Can't open � List command is not loading source code of assembly program in gdb Simple pthreads and signal program on linux wont run How does gdb start an assembly compiled program and step one line at a time? GDB run as subprocess stops parent process after receiving a 'kill -9' GDB not interrupting program immediately Debug chrooted program with gdb
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM