Mysterious printf argument when disassembling c program

#1
So I have this C code:

#include <stdio.h>

int main(void)
{
    int a;
    int b;
    int c;

    a = b = c = 5;

    printf("Hi%d%d%dHi", a, b, c);   /* prints Hi555Hi */
    return 0;
}

I compiled it on ubuntu with:

gcc program.c -o program -ggdb -m32 -O2

And then disassembled it with:

objdump -M intel program -d

And in main printf() gets called like this:

mov DWORD PTR [esp+0x10],0x5
mov DWORD PTR [esp+0xc],0x5
mov DWORD PTR [esp+0x8],0x5
mov DWORD PTR [esp+0x4],0x8048500
mov DWORD PTR [esp],0x1
call 8048330 <__printf_chk@plt>

What I am wondering right now is what this means:

mov DWORD PTR [esp],0x1

I know what the first 4 mov instructions are for, but I just can't figure out why a '1' gets pushed onto the stack. Also this mov only occurs when optimization is turned on. Any ideas?

#2
The GNU C library (glibc) will use `__printf_chk` instead of `printf` if you (or the compiler) define `_FORTIFY_SOURCE` and optimization is enabled. The `_chk` version of the function behaves just like the function it replaces except it's supposed to [check for stack overflow][1] and maybe validate the arguments. The extra first argument indicates how much checking and validation should occur.

Looking at the [actual glibc implementation][2], it appears that it doesn't do any additional stack checking over what the compiler automatically provides (and so shouldn't be necessary), and the validation of arguments is very minimal. It will check that `%n` only appears in read-only format strings, and checks that if the special `%m$` argument specifiers are used, they're used for all arguments without any gaps.


[1]: (link not preserved in this copy)
[2]: (link not preserved in this copy)
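To make the answer's two checks concrete, here is an added example (not code from the post above, and not glibc's own source) that models them as a stand-alone format-string checker in C. In glibc's `bits/stdio2.h` the fortified wrapper passes `__USE_FORTIFY_LEVEL - 1` as the first argument of `__printf_chk`, so the `0x1` in the question's disassembly is what `_FORTIFY_SOURCE=2` (which Ubuntu's gcc enables by default when optimizing) produces; the `fortify_level` parameter below plays that role. The enum and function names, and the `fmt_is_readonly` parameter (which stands in for glibc's inspection of the process memory map, not reproduced here), are this example's own assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example: a model of the two checks the answer attributes to
 * __printf_chk.  The names are this example's own, not glibc's. */
enum fmt_check {
    FMT_OK = 0,
    FMT_N_IN_WRITABLE,    /* %n present while the format is not read-only */
    FMT_POSITIONAL_GAP,   /* %m$ used but some index in 1..max never appears */
    FMT_MIXED_POSITIONAL  /* %m$ mixed with plain specifiers (undefined in C) */
};

#define MAX_POS 64  /* highest positional index this model tracks (assumption) */

/* Consume a digit run; *val is 0 if there were no digits. */
static const char *skip_digits(const char *p, int *val)
{
    *val = 0;
    while (isdigit((unsigned char)*p))
        *val = *val * 10 + (*p++ - '0');
    return p;
}

/* Consume a width or precision: plain digits, '*', or the '*m$' form. */
static const char *skip_width(const char *p)
{
    int ignored;
    if (*p == '*') {
        p = skip_digits(p + 1, &ignored);
        if (*p == '$') p++;
        return p;
    }
    return skip_digits(p, &ignored);
}

/* Parse the specifier after a '%': set *pos (0 if not positional) and *conv,
 * and return the position just past the conversion character. */
static const char *parse_conversion(const char *p, int *pos, char *conv)
{
    int n;
    const char *q = skip_digits(p, &n);
    *pos = 0;
    if (q != p && *q == '$') {            /* "%m$..." positional form */
        *pos = n;
        p = q + 1;
    }
    while (*p && strchr("-+ #0'", *p))    /* flags */
        p++;
    p = skip_width(p);                    /* width */
    if (*p == '.')                        /* precision */
        p = skip_width(p + 1);
    while (*p && strchr("hlLqjzt", *p))   /* length modifiers */
        p++;
    *conv = *p;
    return *p ? p + 1 : p;
}

/* fortify_level models __printf_chk's first argument (the 0x1 in the
 * question's disassembly): the %n check is only active when it is > 0.
 * fmt_is_readonly is the caller's statement of whether the format string
 * lives in read-only memory (a literal in .rodata) or a writable buffer. */
enum fmt_check fortify_check_format(const char *fmt, int fmt_is_readonly,
                                    int fortify_level)
{
    int used[MAX_POS] = {0};
    int max_pos = 0, saw_positional = 0, saw_plain = 0;
    const char *p = fmt;

    while (*p) {
        if (*p != '%') { p++; continue; }
        p++;
        if (*p == '%') { p++; continue; }     /* literal "%%" */
        int pos;
        char conv;
        p = parse_conversion(p, &pos, &conv);
        if (conv == '\0')
            break;                            /* dangling '%' at end of string */
        if (conv == 'n' && fortify_level > 0 && !fmt_is_readonly)
            return FMT_N_IN_WRITABLE;
        if (pos > 0) {
            if (pos >= MAX_POS)
                return FMT_POSITIONAL_GAP;    /* beyond what this model tracks */
            saw_positional = 1;
            used[pos] = 1;
            if (pos > max_pos) max_pos = pos;
        } else {
            saw_plain = 1;
        }
    }
    if (saw_positional && saw_plain)
        return FMT_MIXED_POSITIONAL;
    for (int i = 1; i <= max_pos; i++)        /* every index 1..max must appear */
        if (!used[i])
            return FMT_POSITIONAL_GAP;
    return FMT_OK;
}

int main(void)
{
    /* Constructed inputs: the question's own format, %n in a writable buffer
     * (the classic format-string write primitive), and positional forms. */
    char writable[] = "%s%n";
    printf("Hi%%d%%d%%dHi, level 1  -> %d\n", fortify_check_format("Hi%d%d%dHi", 1, 1));
    printf("%%n writable, level 1   -> %d\n", fortify_check_format(writable, 0, 1));
    printf("%%n read-only, level 1  -> %d\n", fortify_check_format("%s%n", 1, 1));
    printf("%%n writable, level 0   -> %d\n", fortify_check_format(writable, 0, 0));
    printf("%%1$s %%3$d (gap)        -> %d\n", fortify_check_format("%1$s %3$d", 1, 1));
    return 0;
}
```

Compile with `gcc -Wall example.c` and run it. To confirm the answer's diagnosis on the question's own binary, rebuild it with `-U_FORTIFY_SOURCE` (or `-D_FORTIFY_SOURCE=0`) added to the command line: the call site goes back to `printf@plt` and the leading `mov DWORD PTR [esp],0x1` disappears.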
