GDB Print Value Relative to Register

Ok, so basically I'm wondering how to print the value of a memory address that is at an offset from the address stored in a register in GDB. For instance, take this assembly line:

mov 0x34(%esp),%edx

In my understanding, this takes the value 52 bytes after the address pointed to by the stack pointer, and stores that value inside of the edx register. In this case the value is a string, so it would be storing a char *. When using the examine command inside of GDB on the edx register:

x/s $edx

It prints out the string as it's supposed to. However, when I try to print out the string by directly examining the location it was copied from using this command:

x/s $esp + 0x34

It prints out garbage. Why is this? Have I misunderstood the syntax of the GDB command, or is it something else?

Chris Fretz, asked Oct 24 '13 01:10


1 Answer

The x command prints out the data at the address pointed to by the specified register. For example, x/s $edx prints the string starting at the address given by the value of the edx register. It should also print the address itself.

Let's assume the value of esp is 0x7fffff00 and the value loaded from 0x34(%esp) into edx is 0x43210. x/s $edx will print the string at location 0x43210, in a manner similar to this:

(gdb) x/s $edx
0x43210:   "hello world!"

x/s $esp + 0x34, on the other hand, will actually try to print a string starting at 0x7fffff34. There is a pointer to the actual string there, so if you do x/wx $esp + 0x34 you should see the pointer to your string (0x43210). The "garbage" you see is this pointer (and the data following it) interpreted as a string.

dbrank0, answered Sep 23 '22 23:09
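The following C program is an added illustration of the answer above; it is not code from the question or the answer. It models a 32-bit-style stack frame whose slot at offset 0x34 holds a char* (the value `mov 0x34(%esp),%edx` would load), and then reads that slot the three ways the thread discusses: the slot's own bytes as text (`x/s $esp + 0x34`, the "garbage"), the slot as a pointer (`x/wx $esp + 0x34` on 32-bit, `x/gx` on 64-bit), and the string the pointer refers to (`x/s $edx`, or in one GDB expression `x/s *(char **)($esp + 0x34)`). The frame size, the 0xAA filler and the message are constructed for the example; the frame's last byte is zeroed only so that string reads stop inside the buffer, whereas GDB's `x/s` on a real stack keeps reading until it meets a NUL.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/*
 * Model of the situation in the question: a stack frame in which the slot at
 * 0x34(%esp) holds a char*. `frame` stands in for the bytes at $esp.
 * FRAME_SIZE, SLOT_OFFSET, the filler and `message` are constructed here.
 */
#define FRAME_SIZE  0x40
#define SLOT_OFFSET 0x34

static const char message[] = "hello world!";   /* the pointee */
static unsigned char frame[FRAME_SIZE];         /* the modelled stack bytes */

/* Fill the frame with junk and store the address of `target` at SLOT_OFFSET. */
static void frame_init(const char *target)
{
    memset(frame, 0xAA, sizeof frame);          /* constructed filler, not real stack data */
    memcpy(frame + SLOT_OFFSET, &target, sizeof target);
    frame[FRAME_SIZE - 1] = 0;                  /* guard: keep string reads inside the buffer */
}

/* x/s $esp + 0x34 : the bytes of the slot themselves, read as a C string. */
const char *slot_as_string(void)
{
    frame_init(message);
    return (const char *)(frame + SLOT_OFFSET);
}

/* x/wx $esp + 0x34 (x/gx on 64-bit): the pointer value stored in the slot. */
uintptr_t slot_as_pointer(void)
{
    const char *p;
    frame_init(message);
    memcpy(&p, frame + SLOT_OFFSET, sizeof p);  /* slot width = host pointer width */
    return (uintptr_t)p;
}

/* x/s *(char **)($esp + 0x34), or x/s $edx after the mov: follow the pointer. */
const char *pointee_as_string(void)
{
    const char *p;
    frame_init(message);
    memcpy(&p, frame + SLOT_OFFSET, sizeof p);
    return p;
}

/* 1 when reading the slot as text does not yield the message: the "garbage" case. */
int slot_bytes_differ_from_message(void)
{
    return strcmp(slot_as_string(), message) != 0;
}

int main(void)
{
    printf("x/wx $esp+0x34 -> %#lx\n", (unsigned long)slot_as_pointer());
    printf("x/s  $edx      -> \"%s\"\n", pointee_as_string());
    printf("x/s  $esp+0x34 -> first byte %#x (pointer bytes read as text)\n",
           (unsigned)(unsigned char)slot_as_string()[0]);
    return 0;
}
```

The pointer bytes printed by the third line are what GDB shows for `x/s $esp + 0x34`; only dereferencing the slot, either by reading edx after the mov or by casting the address to `char **` in the GDB expression, reaches the text.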