So basically every time I overflow a buffer, I see this:
```
Program received signal SIGABRT, Aborted.
0x00007ffff7a47c37 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
```
The question that I have is: what is 0x00007ffff7a47c37? It is pretty far from RSP and RBP, and before the program throws the segmentation fault, if I do:

```
(gdb) break 12
(gdb) x/x $rip
0x400654 <main+94>:     0xe0558d48
```

it doesn't seem to be RIP either.
My code:

```c
#include <stdio.h>
#include <string.h>   /* needed for strcpy (was missing) */

int main(int argc, char *argv[])
{
    int dummy;
    int *rip = &dummy;          /* a stack address, printed for reference */
    printf("%p\n", (void *)rip);

    char *ret;                  /* was int *ret; buf is a char array */
    char buf[20];
    if (argc < 2)
        return 1;
    strcpy(buf, argv[1]);       /* unbounded copy: overflows buf when argv[1] is longer than 19 chars */
    ret = buf;
    printf("%p:%s\n", (void *)ret, buf);
    return 0;
}
```
I run the program as:

```
(gdb) run $(perl -e 'print "A"x40')
```
It is the memory address of the argv variable.
> it doesn't seem to be RIP either.
Though it doesn't seem so to you, it may well be that there are code addresses far away from each other. Example:
```
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007f2b9480dd52 in __libc_start_main () from /lib64/libc.so.6
#2  0x0000000000400479 in _start ()
```
The value 0x00007ffff7a47c37 is definitely the instruction pointer where the signal was raised. You can even use the gdb command disas __GI_raise to verify.
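A quick way to see why the two code addresses are so far apart is to resolve each one against the process's /proc/&lt;pid&gt;/maps (what gdb shows with info proc mappings): the PC from the signal lands inside libc's mapping, while 0x400654 lands inside the main binary. The following is an added example, not code from the question or the answer; the maps excerpt is constructed and its ranges are assumed, not taken from the original session.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Constructed /proc/<pid>/maps excerpt (not from the original post). The
 * ranges are assumed; they mirror a typical x86-64 layout where a non-PIE
 * binary sits near 0x400000 and libc is mapped near 0x7ffff7a00000. */
static const char *sample_maps =
    "00400000-00401000 r-xp 00000000 08:01 1234 /home/user/a.out\n"
    "00600000-00601000 rw-p 00000000 08:01 1234 /home/user/a.out\n"
    "7ffff7a15000-7ffff7bd0000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so\n"
    "7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]\n";

/* Find the mapping in maps text that contains addr. Copies its pathname (or
 * "[anon]") into out and returns addr's offset from the mapping start, or -1. */
long resolve_addr(const char *maps, uintptr_t addr, char *out, size_t outlen)
{
    const char *line = maps;
    while (*line) {
        const char *end = strchr(line, '\n');
        size_t len = end ? (size_t)(end - line) : strlen(line);
        char buf[512];
        if (len >= sizeof buf) len = sizeof buf - 1;
        memcpy(buf, line, len);
        buf[len] = '\0';
        unsigned long lo, hi;
        char perms[8], path[256] = "";
        /* fields: start-end perms offset dev inode [pathname] */
        int n = sscanf(buf, "%lx-%lx %7s %*s %*s %*s %255s", &lo, &hi, perms, path);
        if (n >= 3 && addr >= lo && addr < hi) {
            snprintf(out, outlen, "%s", path[0] ? path : "[anon]");
            return (long)(addr - lo);
        }
        if (!end) break;
        line = end + 1;
    }
    return -1;
}

int main(void)
{
    /* The two addresses from the gdb session in the question. */
    char where[256];
    long off = resolve_addr(sample_maps, 0x00007ffff7a47c37UL, where, sizeof where);
    printf("0x7ffff7a47c37 -> %s + %#lx\n", off < 0 ? "(none)" : where, off);
    off = resolve_addr(sample_maps, 0x400654UL, where, sizeof where);
    printf("0x400654 -> %s + %#lx\n", off < 0 ? "(none)" : where, off);
    return 0;
}
```

On a live process, read /proc/self/maps (or gdb's info proc mappings output) into a buffer and pass it in place of the constructed excerpt.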