Re: CALL too posision
From: Frank Kotler (fbkotler_at_comcast.net)
Date: 04/24/04
- Next message: Perry S. Morris: "Feedback on design implementation of a alloc/strncpy"
- Previous message: Grumble: "Re: 6 Uops Equals One Clock Cycle???"
- In reply to: Xenzeo: "CALL too posision"
- Next in thread: Xenzeo: "Re: CALL too posision"
- Reply: Xenzeo: "Re: CALL too posision"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 24 Apr 2004 14:51:52 +0000 (UTC)
Xenzeo wrote:
> Hey guys...
>
> I'm currently trying to learn the art of writing ASM code...
>
> Anyway, I have come across a bit of a problem, when writing the asm
> code for a shell I want to spawn.. I have no problem in spawning the
> shell but I do have a problem with the first JMP and the last CALL
> operation, I can't get it to recognize the right position...
What's the "right position"? T.M. Sommers asks where you think the jump
is going to. Supposed to jump over the sys_setreuid? I'm even more
curious about the call! In the second place, it immediately follows
sys_exit, and in the first place, sys_execve isn't going to return,
unless there's an error.
[snip]
> When I compile this, and try to run it, I get a "Segmentation Fault",
> caused by the JMP or CALL opcode...
Pretty sure you'll find it's the jmp. (you probably want a '$' on the
number, at the very least, unless it's intended to be an indirect jmp) I
don't think the call is ever being reached.
> If those are removed it spawns a shell...
So remove 'em! Or don't you want to spawn a shell?
> So it starts from main+16, anything weird in this? Guides I have read
> do not have the same result...
Well... It's normal for the C compiler to generate some "prolog", yeah.
I don't know what you've got for guides - Jonathan Bartlett's
"Programming from the Ground Up" looks very good to me (wish he'd used
Nasm!:)
http://www.cafeshops.com/bartlettpublish.8640017
http://savannah.nongnu.org/projects/pgubook/
> Anyway, my CALL operation does not refer to the right address
> "0x08048369" but "0xffffffc8" I believe this is my problem, but I
> can't find any solution to this problem....
Try "call $ . - 0x38", perhaps? Or "call $somename" if that's an option.
I'm Nasmist and don't know gas/gcc syntax much, and I haven't actually
tried this, but just from looking at it, I don't think you'll ever get
to the "call" anyway... unless the "jmp" is supposed to take you there,
which wouldn't make much sense...
One thing that might be confusing you is that jmp and call use relative
addressing. That is, you code "jmp $targetname", but what gets assembled
into the codestream is "jmp $distance-to-target". What you see in a
disassembly... depends, I guess... If you get it backwards, or leave out
the "$" if you intended it, segfault is the likely result.
Maybe you could explain more about what you're trying to do with the jmp
and call.
Best,
Frank
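The relative-addressing point Frank makes above, worked through as an added example (not code from the original thread): a near `jmp`/`call` stores the distance from the end of the instruction to the target, so the same branch shows up as a target address in a disassembly and as a raw immediate in the bytes. The address of the `call` (0x0804839c) is an assumption chosen so that the arithmetic lands on the thread's two numbers; everything else is constructed sample input.

```python
import struct

# Opcodes for the relative branch forms discussed in the thread.
JMP_SHORT, JMP_NEAR, CALL_NEAR = 0xEB, 0xE9, 0xE8


def immediate_as_signed32(imm: int) -> int:
    """Reinterpret a raw 32-bit immediate (e.g. 0xffffffc8) as signed."""
    return struct.unpack("<i", struct.pack("<I", imm & 0xFFFFFFFF))[0]


def rel_displacement(instr_addr: int, instr_len: int, target: int) -> int:
    """The displacement is measured from the END of the branch instruction."""
    return target - (instr_addr + instr_len)


def assemble_call(instr_addr: int, target: int) -> bytes:
    """E8 rel32: struct.pack raises if the distance does not fit in 32 bits."""
    return bytes([CALL_NEAR]) + struct.pack("<i", rel_displacement(instr_addr, 5, target))


def assemble_jmp(instr_addr: int, target: int) -> bytes:
    """Use the 2-byte short form when the distance fits in rel8, else E9 rel32."""
    disp = rel_displacement(instr_addr, 2, target)
    if -128 <= disp <= 127:
        return bytes([JMP_SHORT]) + struct.pack("<b", disp)
    return bytes([JMP_NEAR]) + struct.pack("<i", rel_displacement(instr_addr, 5, target))


def resolve_target(instr_addr: int, code: bytes) -> int:
    """What a disassembler prints: end of instruction plus signed displacement."""
    if code[0] == JMP_SHORT:
        disp, length = struct.unpack("<b", code[1:2])[0], 2
    elif code[0] in (JMP_NEAR, CALL_NEAR):
        disp, length = struct.unpack("<i", code[1:5])[0], 5
    else:
        raise ValueError("not a relative jmp/call opcode")
    return (instr_addr + length + disp) & 0xFFFFFFFF


if __name__ == "__main__":
    call_addr = 0x0804839C  # assumed location of the call; not from the thread
    code = assemble_call(call_addr, 0x08048369)
    print(code.hex())                                     # e8c8ffffff
    print(hex(immediate_as_signed32(0xFFFFFFC8)))         # -0x38, Frank's "$ . - 0x38"
    print(hex(resolve_target(call_addr, code)))           # 0x8048369, as the disassembly shows
```

Running it shows that "0xffffffc8" and "0x08048369" are the same branch seen two ways, which is why fixing the encoding (rather than the printed target) is what matters.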