|
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_programming&no=142 [º¹»ç]
[root@indra tmp]# alias gdb='gdb -q'
[root@indra tmp]# cat 1.c
int main() { char buf[128]; }
[root@indra tmp]# gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-110)
[root@indra tmp]# gcc -o 1 1.c
[root@indra tmp]# gdb 1
(gdb) disas main
Dump of assembler code for function main:
0x80483d0 <main>: push %ebp
0x80483d1 <main+1>: mov %esp,%ebp
0x80483d3 <main+3>: sub $0x88,%esp
..
End of assembler dump.
(gdb) q
[root@indra tmp]# gcc -o 1 -mpreferred-stack-boundary=2 1.c
[root@indra tmp]# gdb 1
(gdb) disas main
Dump of assembler code for function main:
0x80483d0 <main>: push %ebp
0x80483d1 <main+1>: mov %esp,%ebp
0x80483d3 <main+3>: add $0xffffff80,%esp
..
End of assembler dump.
(gdb) q
[root@indra tmp]#
óÀ½ ¿É¼ÇÀ» ¾ÈÁÖ°í ÄÄÆÄÀÏ ÇßÀ»¶§ 0x88 ¸¸Å stack size °¡ ÀâÇû½À´Ï´Ù.
0x88 À̶õ 16Áø¼öÀÌ°í 10Áø¼ö·Î °è»êÇßÀ»¶§´Â 136 ÀÌÁö¿ä.
µÎ¹ø° ¿É¼ÇÀ» ÁÖ°í ÄÄÆÄÀÏ ÇßÀ»¶§´Â $0xffffff80 À̶ó°í µÇ¾î Àִµ¥
ÀÌ´Â %esp ÀÇ ÁÖ¼Ò¿¡¼ 0xffffff80 ¸¸ÅÀ» add Çß´Ù´Â ¶æÀÌ µË´Ï´Ù.
0xffffffff - 0xffffff80 = 7F (127), 0 ºÎÅÍ °è»êÇÏ´Ï +1,
Áï 128 ¹ÙÀÌÆ® ¸¸Å Á¤È®ÇÏ°Ô ¸Â¾Æ ¶³¾î Áý´Ï´Ù.
´õ¹Ì°¡ 8 ¹ÙÀÌÆ® ¸¸Å ºÙ¾î Àִٴ°ÍÀ» ¾Ë¼ö ÀÖ½À´Ï´Ù.
BOF ¸¦ ÇϽǶ§ gdb ¸¦ »ç¿ëÇϽǼö ÀÖÀ¸½Ã¸é gdb ·Î ÇØ´ç stack ¿¡ ÀâÈù °ªÀ»
Á÷Á¢ º¸½Å ÈÄ °è»êÇϽô °ÍÀÌ ÁÁÀ»µí ½Í½À´Ï´Ù.
>¿½ÉÈ÷ ÇÏ°í ÀÖ´Â Ãʺ¸ÀÔ´Ï´Ù.
>gcc 2.96¹öÀüÀÌ ±ò·ÁÀÖ½À´Ï´Ù.
>
>gcc -o egg egg.c -mpreferred-stack-boundary=2
>
>¿Í °°ÀÌ Çϸé 2.95ÀÌÇÏ ¹öÀüÀ¸·Î ÄÄÆÄÀÏ µÇ¾î ½ºÅñ¸Á¶ ¶ÇÇÑ ´õ¹Ì ¾ø´Â ¿¾³¯°ÍÀ¸·Î
>µÈ´Ù°í ¾óÇÍ µé¾ú½À´Ï´Ù.
>
>±×·¡¼ Àúµµ À§¿Í °°ÀÌ Çغôµ¥ ½ºÅôýÇÁÇØ º» °á°ú ¶È°°ÀÌ ³ª¿À´õ¶ó±¸¿ä.
>À§¿Í °°ÀÌ ÇÏ¸é ´Ù¸£°Ô µÇ±ä µÇ´Â°Ç°¡¿ä. -_-;; Ãʺ¸¶ó ¾ÆÁ÷ ¸ð¸£´Â°Ô ¸¹¾Æ¿ä.
>Â÷ÀÌÁ¡À» Á¤È®È÷ ¾Ë ¼ö ÀÖ´Â ¹æ¹ýÀ» ¾Ë·ÁÁÖ¼¼¿ä.(gcc ¹öÀüÀ» ´Ù½Ã ±î´Â°ÍÀ» Á¦¿ÜÇÏ°í)
>^^;;
>
>PS. FTZ ¼¹ö ÅÚ³Ý Á¢¼ÓÀÌ ¾ÈµÇ´øµ¥ ¿Ö ±×·¸ÁÒ? °¡²û ¾ÈµÇ¿ä.
|
Hit : 4147 Date : 2003/10/11 08:34
|
3206, 
7/161 
