Problem description
In gdb I can use call to run functions, but what if I want to run some additional assembly?
Recommended answer
Prior to GCC 5 (1), I don't know of a way to run arbitrary machine code unless you actually enter the machine code into memory and then run it.
If you want to run code that's already in memory, you can just set the instruction pointer to the start, a breakpoint at the end, then go. Then, after the breakpoint, change the instruction pointer back to its original value.
But I can't actually see the use case for this. That doesn't mean there isn't one, just that anything you can do by running code, you can also achieve by directly modifying the registers, flags, memory and so forth.
For example, the command:
info registers
will dump the current values of the registers, while:
set $eax = 42
will change the eax register to 42.
You can also change memory in this way:
set *((char*)0xb7ffeca0) = 4
This writes a single byte to memory location 0xb7ffeca0, and you can also use that same method to store wider data types.
(1) GCC 5 allows you to compile and execute arbitrary code with the compile code command, as documented here.
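The two techniques in the answer above, reproduced end to end as an added example (this is not code from the original question or answer). The script builds a constructed C target (demo.c, with a never-called function bump() and a global flag; all names are chosen for this example), then drives gdb in batch mode: save $pc, point it at bump(), stop at a temporary breakpoint on bump()'s closing brace, put $pc back, and finally patch one byte of memory with the same set *((char *)ADDR) = 4 form the answer uses, so main() takes a branch it otherwise never would. It assumes gcc and gdb are on PATH and that ptrace is permitted. $pc and $sp are gdb's architecture-neutral register aliases, unlike the x86-only $eax in the answer. One caveat the answer leaves implicit: restoring only the instruction pointer is enough only if the detour code leaves the stack as it found it, so the target is built with -fomit-frame-pointer and $sp is saved and restored as a guard; a snippet with a real prologue would need its epilogue run (or undone by hand) before $pc is put back.

```shell
#!/bin/sh
# Added example (not from the original answer): drive gdb in batch mode to show
#   1. jumping into a function that exists in the binary but is never called,
#      stopping at its end, then restoring the saved instruction pointer;
#   2. patching a byte of memory directly instead of running any code.
# Assumptions: gcc and gdb are on PATH and ptrace is permitted. The target is
# built with -fomit-frame-pointer so bump() touches no stack; that is what makes
# restoring $pc alone sufficient. $sp is saved and restored anyway as a guard.
set -eu

run_demo() {
    work=$(mktemp -d)
    # Constructed target program. bump() is present in memory but unreachable
    # from main(); flag controls which message main() prints.
    cat > "$work/demo.c" <<'EOF'
#include <stdio.h>
volatile long counter = 0;
volatile char flag = 0;
void bump(void)
{
    counter += 7;
}
int main(void)
{
    counter = 1;
    if (flag == 4)
        printf("patched counter=%ld\n", counter);
    else
        printf("unpatched counter=%ld\n", counter);
    return 0;
}
EOF
    gcc -g -O0 -fomit-frame-pointer -o "$work/demo" "$work/demo.c"

    # gdb command file: line 11 of demo.c is the "if (flag == 4)" test,
    # line 7 is the closing brace of bump(), i.e. its epilogue.
    cat > "$work/jump.gdb" <<'EOF'
set confirm off
set pagination off
set disable-randomization off
break demo.c:11
run
# Save the state the detour will disturb, then aim pc at bump()
set $saved_pc = $pc
set $saved_sp = $sp
tbreak demo.c:7
set $pc = &bump
continue
# bump() has run: counter went from 1 to 8
print counter
# Put the instruction pointer (and stack pointer) back where they were
set $pc = $saved_pc
set $sp = $saved_sp
# Second technique: change memory directly instead of running code.
# Same form as the answer's set *((char*)ADDR) = 4, with the address
# taken from the symbol instead of a hard-coded value.
set *((char *)&flag) = 4
continue
EOF
    # gdb's own messages, the printed value of counter and the target's
    # output all come out on stdout; a failing gdb is reported in that text
    # rather than aborting the caller, so the transcript can be inspected.
    gdb -q -batch -x "$work/jump.gdb" "$work/demo" 2>&1 || true
    rm -rf "$work"
}

# Returns 0 when the gdb transcript shows both effects: counter printed as 8
# after the detour, and main() taking the patched branch.
demo_ok() {
    out=$1
    printf '%s\n' "$out" | grep -q '^\$1 = 8$' || return 1
    printf '%s\n' "$out" | grep -q '^patched counter=8$' || return 1
    return 0
}

# Run the demonstration when the toolchain is available.
if command -v gcc >/dev/null 2>&1 && command -v gdb >/dev/null 2>&1; then
    run_demo
fi
```

Run it as a plain sh script; the transcript shows the temporary breakpoint firing inside bump(), "$1 = 8" for counter, and the target printing "patched counter=8" although nothing in main() ever set flag or called bump().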