
What is %gs in Assembly

#include <stdio.h>

void return_input (void)
{
   char array[30];

   gets (array);            /* unbounded read into a 30-byte stack buffer */
   printf("%s\n", array);
}

After compiling it in gcc, this function is converted to the following Assembly code:

push   %ebp
mov    %esp,%ebp
sub    $0x28,%esp
mov    %gs:0x14,%eax
mov    %eax,-0x4(%ebp)
xor    %eax,%eax
lea    -0x22(%ebp),%eax
mov    %eax,(%esp)
call   0x8048374 
lea    -0x22(%ebp),%eax
mov    %eax,(%esp)
call   0x80483a4 
mov    -0x4(%ebp),%eax
xor    %gs:0x14,%eax
je     0x80484ac 
call   0x8048394 
leave  
ret  

I don't understand two lines:

mov    %gs:0x14,%eax
xor    %gs:0x14,%eax

What is %gs, and what exactly do these two lines do?

This is the compilation command:

cc -c -mpreferred-stack-boundary=2 -ggdb file.c
Alex F asked Feb 12 '12 13:02


People also ask

What is FS and GS?

The registers FS and GS are segment registers. They have no processor-defined purpose, but instead are given purpose by the OSes running them. In Windows 64-bit the GS register is used to point to operating system defined structures. FS and GS are commonly used by OS kernels to access thread-specific memory.

What is the rip register?

The %rip register on x86-64 is a special-purpose register that always holds the memory address of the next instruction to execute in the program's code segment.

What is GS 0x14?

It means reading 4 bytes into eax from memory at address gs:0x14. gs is a segment register. Most likely thread-local storage (AKA TLS) is referenced through this register.

What is SS register?

The stack segment register (SS) is usually used to store information about the memory segment that stores the call stack of currently executed program. SP points to current stack top. By default, the stack grows downward in memory, so newer values are placed at lower memory addresses.


2 Answers

GS is a segment register; its use in Linux can be read up on here (it's basically used for per-thread data).

mov    %gs:0x14,%eax
xor    %gs:0x14,%eax

This code is used to validate that the stack hasn't exploded or been corrupted, using a canary value stored at GS+0x14, see this.

gcc -fstack-protector-strong is on by default in many modern distros; you can use gcc -fno-stack-protector to not add those checks. (On x86, thread-local storage is cheap so GCC keeps the randomized canary value there, making it somewhat harder to leak.)

Necrolis answered Sep 26 '22 06:09
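An added example, not part of the original answer: a portable C model of the check that the two `%gs:0x14` instructions implement in the listing above. The `guard` constant, `struct frame` and `return_input_model` are constructed for illustration; the real guard is a randomized value read through `%gs`, and the real frame layout is chosen by the compiler.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the per-thread guard word at %gs:0x14.
   Constructed constant for this demo; the real one is random. */
static const uintptr_t guard = (uintptr_t)0x5bd1e900u;

/* Modeled frame of return_input(): the buffer lies below the canary
   slot, as -0x22(%ebp) lies below -0x4(%ebp) in the listing. */
struct frame {
    char      array[30];
    uintptr_t canary;
};

/* Copies n bytes into the modeled frame with no bound on array
   (as gets() would), then runs the epilogue check.
   Returns 0 if the canary is intact, 1 if the failure path
   (__stack_chk_fail in GCC's stack protector) would be taken. */
int return_input_model(const char *input, size_t n)
{
    struct frame f;

    f.canary = guard;      /* mov %gs:0x14,%eax ; mov %eax,-0x4(%ebp) */

    if (n > sizeof f)      /* keep the demo inside the modeled frame */
        n = sizeof f;
    memcpy(&f, input, n);  /* may run past array into the canary slot */

    /* mov -0x4(%ebp),%eax ; xor %gs:0x14,%eax ; je ok ; call fail */
    return (f.canary ^ guard) != 0;
}

int main(void)
{
    /* Constructed sample input: 48 'A' bytes. */
    static const char in[] =
        "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("16 bytes: %s\n",
           return_input_model(in, 16) ? "canary changed" : "canary intact");
    printf("48 bytes: %s\n",
           return_input_model(in, 48) ? "canary changed" : "canary intact");
    return 0;
}
```

The XOR leaves zero only when the saved copy still equals the guard, which is why the compiled code can branch on `je` directly after it.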


ES, FS, GS: Extra Segment Registers. Can be used as extra segment registers; also used in special instructions that span segments (like string copies). Taken from here:

http://www.hep.wisc.edu/~pinghc/x86AssmTutorial.htm


Hope it helps.

Sergey Benner answered Sep 23 '22 06:09