[ProgSoc] x86 ASM Question
This may be totally the wrong place for this question, but I thought I'd
ask anyway. I'm disassembling a program; it's statically linked and
appears to have been compiled with -fomit-frame-pointers. I've
disassembled good stuff so far, but I've reached a 'ret' and can't seem to
work out where the code is jumping so I can intercept it and keep
disassembling. Some gdb output:
(gdb) info fr
Stack level 0, frame at 0xbffff7ac:
eip = 0x80f688d; saved eip 0x8058083
called by frame at 0xbffff864
Arglist at 0xbffff7ac, args:
Locals at 0xbffff7ac, Previous frame's sp is 0x0
Saved registers:
ebp at 0xbffff7ac, eip at 0xbffff7b0
(gdb) bt
#0 0x80f688d in ?? ()
#1 0x8058083 in ?? ()
#2 0x80574ff in ?? ()
#3 0x804816c in ?? ()
(gdb) x/3i 0x80f688d
0x80f688d: ret
0x80f688e: nop
0x80f688f: nop
Now I would have thought that would have caused a jump to 0x8058083, the
saved eip, but it doesn't appear to:
(gdb) break *0x8058083
Breakpoint 2 at 0x8058083
does not catch the program before it runs off.
I assume I'm missing something really simple since I'm an assembler
novice, but any help would be appreciated.
Cheers,
Shaun
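A small model of what `ret` actually does, added here as an illustration and not part of the original post or its gdb session. On x86, `ret` pops the dword at `[esp]` into `eip`; it never consults `ebp`. gdb's "saved eip" in `info frame`, by contrast, comes from its frame unwinder, which in the absence of debug info falls back to treating `ebp` as a frame pointer and reading `[ebp+4]`. When the code was built without frame pointers that slot can hold anything, so the two can disagree. All addresses and values below are constructed, and the function names are this example's own.

```python
# Added example (not from the original post): a tiny model of the x86
# stack at the moment a 'ret' executes, showing that the real jump target
# is the dword at [esp] and that a frame-pointer-based guess ([ebp+4]) can
# point elsewhere when the code was built with -fomit-frame-pointer.
# Every address and value here is constructed for illustration.

WORD = 4


def read32(mem, addr):
    """Read a 32-bit little-endian word from the constructed memory map."""
    return int.from_bytes(bytes(mem[addr + i] for i in range(WORD)), "little")


def write32(mem, addr, value):
    """Write a 32-bit little-endian word into the constructed memory map."""
    for i in range(WORD):
        mem[addr + i] = (value >> (8 * i)) & 0xFF


def build_stack():
    """Construct a stack snapshot just before 'ret'.

    With the frame pointer omitted, the callee never executed
    'push ebp; mov ebp, esp', so ebp still holds whatever an earlier frame
    left in it. Only esp knows where the return address really is.
    """
    mem = {}
    regs = {"esp": 0xBFFFF7A0, "ebp": 0xBFFFF7AC}
    # Constructed return address pushed by the real 'call'.
    write32(mem, regs["esp"], 0x0805A100)
    # Constructed stale value sitting where a frame-pointer unwinder looks.
    write32(mem, regs["ebp"] + WORD, 0x0805B200)
    return regs, mem


def ret_target(regs, mem):
    """The address 'ret' will transfer control to: the dword at [esp]."""
    return read32(mem, regs["esp"])


def execute_ret(regs, mem):
    """Model 'ret': pop eip from [esp], then advance esp by one word."""
    regs = dict(regs)
    regs["eip"] = ret_target(regs, mem)
    regs["esp"] += WORD
    return regs


def frame_pointer_guess(regs, mem):
    """The 'saved eip' an ebp-based unwinder assumes lives at [ebp+4]."""
    return read32(mem, regs["ebp"] + WORD)


def demo():
    """Compare the unwinder's guess with where 'ret' really goes."""
    regs, mem = build_stack()
    after = execute_ret(regs, mem)
    return {
        "guess": frame_pointer_guess(regs, mem),
        "actual": after["eip"],
        "esp_after": after["esp"],
    }


if __name__ == "__main__":
    result = demo()
    print("frame-pointer guess: 0x%08x" % result["guess"])
    print("ret target ([esp]):  0x%08x" % result["actual"])
```

The equivalent check in a live gdb session is to stop on the `ret` instruction, run `x/wx $esp` to see the dword it will pop, and then `stepi` once; `$pc` will land on that address, which is the place to set the next breakpoint. The `saved eip` line from `info frame` is only as trustworthy as gdb's unwinder for that frame.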
-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@nospam.progsoc.uts.edu.au.
If you are having trouble, ask owner-progsoc@nospam.progsoc.uts.edu.au for help.