(gdb) info registers ds
   ds             0x7b  123
(gdb) disassemble
   Dump of assembler code for function printf@plt:
   0x0804831c <+0>: jmp    DWORD PTR ds:0x804a008
=> 0x08048322 <+6>: push   0x10
   0x08048327 <+11>:    jmp    0x80482ec
End of assembler dump.

Can someone describe to me how to map the ds:0x804a008 address into a linear address I can use in the "x/xw address" command? If it is not clear, I'd like to know where this first jmp in the code jumps to.

A: 

Modern x86 OSes don't use segmented addressing. Real mode segmented addresses can only represent 1Mb of address space. This addressing scheme is only used during the boot process for compatibility reasons.

The OS sets all the segment registers to a selector that represents the flat 32-bit address space of your process, but you shouldn't have to worry about that.

ds:0x804a008 is just the same as 0x804a008.

Alexandre Jasmin
A: 

0x804a008 is an address in the process's linear address space - the DWORD in that memory location is the address that will be jumped to (i.e., 0x804a008 is a pointer).

So

x/xw 0x804a008

will dump the contents of the pointer, and

disas *0x804a008

will disassemble the code that jumping through that pointer will execute.

Michael Burr
Sorry, my fault, it is a pointer :) You are absolutely right.
(gdb) x/xw 0x804a008
0x804a008 <_GLOBAL_OFFSET_TABLE_+20>: 0x08048322
@user480162: Have a read of the article at http://www.thexploit.com/sploitdev/how-is-glibc-loaded-at-runtime/ to get an idea of what's going on here. Basically, the first time through, it executes the code at `0x08048322`, which resolves the actual location of `printf()` and puts it into the pointer. So the next time it's called, it'll just jump right to `printf()`.
Michael Burr
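As an added example that is not part of this thread: the C program below walks its own `.dynamic` section to find the GOT slot that the PLT stub for `puts` jumps through (the counterpart of the `ds:0x804a008` pointer above) and reads that slot before and after the first call, so you can watch lazy binding replace the stub address with libc's. It assumes Linux/ELF with glibc or musl and a normal PLT-using link; the names `got_slot_for` and `load_base` are mine, not from the thread or any library.

```c
#include <elf.h>
#include <link.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>

#if UINTPTR_MAX > 0xffffffffu
#define R_SYM(i) ELF64_R_SYM(i)
#else
#define R_SYM(i) ELF32_R_SYM(i)
#endif

extern ElfW(Dyn) _DYNAMIC[];   /* this executable's own dynamic section */

/* Load base of the main program: where the PT_PHDR segment actually landed
   minus its link-time address (0 for a non-PIE executable). */
static uintptr_t load_base(void) {
    const ElfW(Phdr) *ph = (const ElfW(Phdr) *)getauxval(AT_PHDR);
    size_t n = getauxval(AT_PHNUM);
    for (size_t i = 0; i < n; i++)
        if (ph[i].p_type == PT_PHDR) return (uintptr_t)ph - ph[i].p_vaddr;
    return 0;
}

/* glibc relocates d_ptr values in place, musl leaves them base-relative (assumption). */
static uintptr_t abs_ptr(uintptr_t p, uintptr_t base) { return p < base ? p + base : p; }

/* Address of the GOT slot that the PLT entry for `name` jumps through, i.e. the
   r_offset of its JUMP_SLOT relocation, or NULL if the symbol is not imported. */
uintptr_t *got_slot_for(const char *name) {
    uintptr_t base = load_base(), jmprel = 0, symtab = 0, strtab = 0;
    size_t relsz = 0; int rela = 1;
    for (ElfW(Dyn) *d = _DYNAMIC; d->d_tag != DT_NULL; d++) {
        switch (d->d_tag) {
        case DT_JMPREL:   jmprel = abs_ptr(d->d_un.d_ptr, base); break;
        case DT_PLTRELSZ: relsz  = d->d_un.d_val; break;
        case DT_PLTREL:   rela   = d->d_un.d_val == DT_RELA; break;
        case DT_SYMTAB:   symtab = abs_ptr(d->d_un.d_ptr, base); break;
        case DT_STRTAB:   strtab = abs_ptr(d->d_un.d_ptr, base); break;
        }
    }
    size_t ent = rela ? sizeof(ElfW(Rela)) : sizeof(ElfW(Rel));
    for (size_t off = 0; jmprel && off + ent <= relsz; off += ent) {
        ElfW(Rel) *r = (ElfW(Rel) *)(jmprel + off);   /* r_offset/r_info lead both layouts */
        ElfW(Sym) *s = (ElfW(Sym) *)symtab + R_SYM(r->r_info);
        if (strcmp((const char *)strtab + s->st_name, name) == 0)
            return (uintptr_t *)abs_ptr(r->r_offset, base);
    }
    return NULL;
}

int main(void) {
    uintptr_t *slot = got_slot_for("puts");
    if (!slot) return 1;
    uintptr_t before = *slot;   /* lazy binding: still the PLT stub (like 0x08048322 above) */
    puts("first call resolves puts");
    uintptr_t after = *slot;    /* now libc's puts, unless the binary was linked -z now */
    printf("GOT slot %p: before=%#lx after=%#lx\n", (void *)slot,
           (unsigned long)before, (unsigned long)after);
    return 0;
}
```

If `before` and `after` print the same value, the binary was linked with `-z now` (BIND_NOW) and the loader filled the slot before `main` ran, which is the same slot `x/xw` reads in the thread.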