开发者

"call 0x80482f0 <puts@plt>"? Just need clarification of one line of code in a 'hello world' program in x86 assembly

"call 0x80482f0 <puts@plt>"? Just need help with one line of code in a 'hello world' program in x86 assembly.

NOTE: i'm running ubuntu linux while programming/debugging this, using gcc as the compiler and gdb for the debugger.

I am reading Hacking: The art of Exploitation V2 and I compiled this C program:

1       #include <stdio.h>
2
3       int main()
4       {
5         int i;
6         for(i=0; i<10; i++)
7         {
8           printf("Hello, world\n");
9         }
10        return 0;

into this program in assembly:

   0x080483b4 <+0>:     push   ebp
   0x080483b5 <+1>:     mov    ebp,esp
   0x080483b7 <+3>:     and    esp,0xfffffff0
   0x080483ba <+6>:     sub    esp,0x20
   0x080483bd <+9>:     mov    开发者_如何学PythonDWORD PTR [esp+0x1c],0x0
   0x080483c5 <+17>:    jmp    0x80483d8 <main+36>
   0x080483c7 <+19>:    mov    DWORD PTR [esp],0x80484b0
   0x080483ce <+26>:    call   0x80482f0 <puts@plt>
=> 0x080483d3 <+31>:    add    DWORD PTR [esp+0x1c],0x1
   0x080483d8 <+36>:    cmp    DWORD PTR [esp+0x1c],0x9
   0x080483dd <+41>:    jle    0x80483c7 <main+19>
   0x080483df <+43>:    mov    eax,0x0
   0x080483e4 <+48>:    leave  
   0x080483e5 <+49>:    ret

now.. i understand every portion of this program, until it gets to:

   0x080483ce <+26>:    call   0x80482f0 <puts@plt>

what i do not understand is.. if "Hello, world\n" is stored at 0x80484b0, and that address is then stored into the address at ESP, why does the:

0x080483ce <+26>:    call   0x80482f0 <puts@plt>

refer to 0x80482f0, instead of [esp] or just "0x80484b0" to print "Hello, world\n" to the screen? i used gdb and i cannot figure out what exactly is being referenced with 0x80482f0.. any help would be great

thanks (and remember, im just starting out with this stuff, so im a noob)

also.. i copy and pasted the disassembled main function from gdb for convenience, if you need any more info, just ask. and if you would like to explain that one command for me, that would be great as well because i've only used "int 80h"'s for printing stuff to the screen before


0x80482f0 is the address of the puts function. To be more precise, it points to the entry for puts() in the program linker table (PLT) - basically just a bunch of JMP <some routine in a so-library>s (it's a little more complex than that, but that's not important for this discussion). The puts function looks for its argument on the stack - ie, at [esp].

You may be wondering where that puts() call came from - the compiler here was smart enough to see that you didn't actually use any format string parameters in your call to printf(), and replaced that call with a call to the (somewhat faster) puts(). If you'll look closely, you'll see that it also removed the newline from your string, because puts() appends a newline after printing the string it is given.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜