here is my disas code:
0x0804844d <+0>: push %ebp 0x0804844e <+1>: mov %esp,%ebp 0x08048450 <+3>: and $0xfffffff0,%esp 0x08048453 <+6>: sub $0x20,%esp 0x08048456 <+9>: movl $0x8048540,(%esp) 0x0804845d <+16>: call 0x8048310 <puts@plt> 0x08048462 <+21>: lea 0x1c(%esp),%eax 0x08048466 <+25>: mov %eax,0x4(%esp) 0x0804846a <+29>: movl $0x8048555,(%esp) 0x08048471 <+36>: call 0x8048320 <scanf@plt> 0x08048476 <+41>: mov 0x1c(%esp),%eax 0x0804847a <+45>: cmp $0x208c,%eax 0x0804847f <+50>: jne 0x804848f <main+66> 0x08048481 <+52>: movl $0x8048558,(%esp) 0x08048488 <+59>: call 0x8048310 <puts@plt> 0x0804848d <+64>: jmp 0x804849b <main+78> => 0x0804848f <+66>: movl $0x8048569,(%esp) 0x08048496 <+73>: call 0x8048310 <puts@plt> 0x0804849b <+78>: mov $0x0,%eax 0x080484a0 <+83>: leave 0x080484a1 <+84>: ret
what i'm tring to examine is $0x208c. When I type x/xw 0x208c it gives me back error which says Cannot access memory at address 0x208c. When i type Info registers and look at eax it says the value which i provided. So basically this program compares two values and depending on that prints something out.The problem is that this is homework from university and I have not got code. Hope you can help. Thank you.
When I type
x/xw 0x208c
it gives me back error which saysCannot access memory at address 0x208c
The disassembly for your program says that it does something like this:
puts("some string"); int i; scanf("%d", &i); // I don't know what the actual format string is. // You can find out with x/s 0x8048555 if (i == 0x208c) { ... } else { ... }
In other words, the 0x208c
is a value (8332
) that your program has hard-coded in it, and is not a pointer. Therefore, GDB is entirely correct in telling you that if you interpret 0x208c
as a pointer, that pointer does not point to readable memory.
i finally figured out to use print statement instead of x/xw
You appear to not understand the difference between print
and examine
commands. Consider this example:
int foo = 42; int *pfoo = &foo;
With above, print pfoo
will give you the address of foo
, and x pfoo
will give you the value stored at that address (i.e. the value of foo
).
I found out that it is impossible to examine mmap
ed memory that does not have PROT_READ
flag. This is not the OPs problem, but it was mine, and the error message is the same.
Instead of
mmap(0, size, PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, 0, 0);
do
mmap(0, size, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, 0, 0);
and voila, the memory can be examined.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With