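Effects of commonly used gcc compile options on the code
Source: http://xfocus.org Author: alert7
Test environment: redhat 6.2
★ Preface
This article discusses how some commonly used gcc compile options affect the generated code. When the code changes,
its memory layout changes as well, and any exploit has to be adjusted accordingly.
gcc has far too many compile options to cover, so this article picks a few of the most commonly used ones.
★ Demo program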
[alert7@redhat62 alert7]$ cat > test.c
#include <stdio.h>
void hi(void)
{
        printf("hi");
}
int main(int argc, char *argv[])
{
        hi();
        return 0;
}
★ Default case
[alert7@redhat62 alert7]$ gcc -o test test.c
[alert7@redhat62 alert7]$ wc -c test
  11773 test
[alert7@redhat62 alert7]$ gdb -q test
(gdb) disass main
Dump of assembler code for function main:
0x80483e4:      push   %ebp
0x80483e5:      mov    %esp,%ebp
0x80483e7:      call   0x80483d0
0x80483ec:      xor    %eax,%eax
0x80483ee:      jmp    0x80483f0
0x80483f0:      leave
0x80483f1:      ret
....
End of assembler dump.
(gdb) disass hi
Dump of assembler code for function hi:
0x80483d0:      push   %ebp
0x80483d1:      mov    %esp,%ebp
0x80483d3:      push   $0x8048450
0x80483d8:      call   0x8048308
0x80483dd:      add    $0x4,%esp
0x80483e0:      leave
0x80483e1:      ret
0x80483e2:      mov    %esi,%esi
End of assembler dump.
Let's look at part of the memory image:
                   (high memory addresses)
                              +--------+
                              |bffffbc4| address of argv (i.e. the address of argv[0])
                   0xbffffb84 +--------+
                              |00000001| value of argc
                   0xbffffb80 +--------+
                              |400309cb| return address of main
                   0xbffffb7c +--------+
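The same kind of memory image can be read from inside a running program. The following is an added example, not code from the original article: it reports the slot that holds a function's return address and the value stored there. It assumes GCC or Clang builtins and the x86/x86-64 frame layout shown above (push %ebp; mov %esp,%ebp); the names frame_view and inspect_frame are hypothetical.

```c
/* Added example: locate the return-address slot of a live stack frame.
   Assumes GCC/Clang on x86 or x86-64; names are hypothetical. */
#include <stdio.h>

struct frame_view {
    void *frame_ptr;   /* frame pointer (%ebp / %rbp) inside inspect_frame */
    void *ret_slot;    /* address of the stack word just above the saved frame pointer */
    void *ret_value;   /* contents of that word */
    void *ret_addr;    /* return address as reported by the compiler */
};

/* noinline: the function must keep its own frame for the layout to be meaningful. */
__attribute__((noinline))
struct frame_view inspect_frame(void)
{
    struct frame_view v;
    /* Using this builtin makes the compiler set up a frame pointer for this function. */
    void **fp = (void **)__builtin_frame_address(0);

    v.frame_ptr = (void *)fp;
    v.ret_slot  = (void *)&fp[1];   /* fp[0] is the saved frame pointer, fp[1] the return address */
    v.ret_value = fp[1];
    v.ret_addr  = __builtin_return_address(0);
    return v;
}

int main(void)
{
    struct frame_view v = inspect_frame();

    /* Printed like the diagram above: higher addresses first. */
    printf("%p +--------+\n", (void *)((char *)v.ret_slot + sizeof(void *)));
    printf("   | %p | return address of inspect_frame\n", v.ret_value);
    printf("%p +--------+\n", v.ret_slot);
    printf("   | saved frame pointer of the caller\n");
    printf("%p +--------+  <- frame pointer\n", v.frame_ptr);
    printf("compiler-reported return address: %p\n", v.ret_addr);
    return 0;
}
```

Building it with different gcc options and comparing the printed addresses shows how the layout depends on the way the code was compiled.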