Thursday 13 August 2015

stack frames and gdb

I'm new to reverse engineering. I wrote the following C code to help me understand a bit more about stack frames.

#include <stdio.h>

/* Leaf function: no locals, so its frame holds little more than the
   caller's saved rbp and the return address. */
int sum(int a, int b, int c)
{
        return (a + b + c);
}

/* Same call shape as sum, plus one local (total) kept in its frame. */
int media(int a, int b, int c)
{
        int total;
        total = a + b + c;
        return (total / 3);
}

int main(void)
{
        int num1, num2, num3;
        char keypress[1];       /* one byte, filled by the %c reads below */

        num1 = 5;
        num2 = 10;
        num3 = 15;

        printf("\nCalling sum function\n");
        sum(num1, num2, num3);              /* first callee frame */
        printf("\nWaiting a keypress to call media function\n");
        scanf("%c", keypress);              /* pause so the program can be followed in gdb */
        media(num1, num2, num3);            /* second callee frame */
        printf("\nWaiting a keypress to end\n");
        scanf("%c", keypress);
        return (0);
}

As far as I know, every time you call a function a stack frame is created (see: http://ift.tt/1hAE6k0). So my goal with the above C code is to see at least three stack frames:

1) main function - stack frame

2) sum function - stack frame

3) media function - stack frame

BTW: Those printfs are just to help me 'follow' the program in gdb. =)

So I guess that if I compare the output of info frame just after the program has started with the output of info frame just after the sum function is called, I would get different output, right? I did not get it, as you can see:

Temporary breakpoint 1, main () at parastack.c:27
warning: Source file is more recent than executable.
27              num1 = 5;
(gdb) nexti
28              num2 = 10;
(gdb) info frame
Stack level 0, frame at 0x7fffffffdf00:
 rip = 0x400605 in main (parastack.c:28); saved rip = 0x7ffff7a3c790
 source language c.
 Arglist at 0x7fffffffdef0, args:
 Locals at 0x7fffffffdef0, Previous frame's sp is 0x7fffffffdf00
 Saved registers:
  rbp at 0x7fffffffdef0, rip at 0x7fffffffdef8
(gdb) nexti
29              num3 = 15;
(gdb) nexti
31              printf ("\nCalling sum function\n");
(gdb) nexti
0x0000000000400618      31              printf ("\nCalling sum function\n");
(gdb) nexti

Calling sum function
32              sum(num1,num2,num3);
(gdb) info frame
Stack level 0, frame at 0x7fffffffdf00:
 rip = 0x40061d in main (parastack.c:32); saved rip = 0x7ffff7a3c790
 source language c.
 Arglist at 0x7fffffffdef0, args:
 Locals at 0x7fffffffdef0, Previous frame's sp is 0x7fffffffdf00
 Saved registers:
  rbp at 0x7fffffffdef0, rip at 0x7fffffffdef8
(gdb) nexti
0x0000000000400620      32              sum(num1,num2,num3);
(gdb) info frame
Stack level 0, frame at 0x7fffffffdf00:
 rip = 0x400620 in main (parastack.c:32); saved rip = 0x7ffff7a3c790
 source language c.
 Arglist at 0x7fffffffdef0, args:
 Locals at 0x7fffffffdef0, Previous frame's sp is 0x7fffffffdf00
 Saved registers:
  rbp at 0x7fffffffdef0, rip at 0x7fffffffdef8



via Chebli Mohamed
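Added example (not part of the original question or its code): since `nexti` steps over the `call` instruction, every `info frame` in the session above was taken while gdb was still in main's frame, so the callee frames were never observed; here the same three functions record their own frame address with `__builtin_frame_address`, so the frames can be compared without a debugger (`stepi` or `break sum` would show the same thing in gdb). It assumes GCC or Clang and a stack that grows toward lower addresses; `struct frames`, `collect_frames` and `frames_are_distinct` are names constructed for this example.

```c
#include <stdio.h>
#include <stdint.h>
/* Constructed example: each function records where its own stack frame lives.
 * Assumes GCC/Clang (__builtin_frame_address, noinline) and a downward stack. */
struct frames {
    uintptr_t caller_fp; /* frame of the function that calls sum and media */
    uintptr_t sum_fp;    /* frame created for sum() while it runs */
    uintptr_t media_fp;  /* frame created for media() while it runs */
};
static struct frames g; /* filled in by the callees while their frames are live */

__attribute__((noinline)) int sum(int a, int b, int c)
{
    g.sum_fp = (uintptr_t)__builtin_frame_address(0); /* this frame's rbp */
    return a + b + c;
}

__attribute__((noinline)) int media(int a, int b, int c)
{
    int total = a + b + c;
    g.media_fp = (uintptr_t)__builtin_frame_address(0);
    return total / 3;
}

/* Calls both from one frame. A callee's frame exists only while the call is in
 * progress, so a debugger stopped in the caller (where 'nexti' leaves you) never
 * sees it; sum's frame is gone before media's is built, so both usually reuse the same address. */
__attribute__((noinline)) struct frames collect_frames(void)
{
    g.caller_fp = (uintptr_t)__builtin_frame_address(0);
    sum(5, 10, 15);
    media(5, 10, 15);
    return g;
}

/* 1 if both callees ran in their own frame below the caller's, else 0 */
int frames_are_distinct(const struct frames *f)
{
    return f->sum_fp != 0 && f->media_fp != 0 &&
           f->sum_fp < f->caller_fp && f->media_fp < f->caller_fp;
}

int main(void)
{
    struct frames f = collect_frames();
    printf("caller %#lx\nsum %#lx\nmedia %#lx\ndistinct %d\n", (unsigned long)f.caller_fp,
           (unsigned long)f.sum_fp, (unsigned long)f.media_fp, frames_are_distinct(&f));
    return 0;
}
```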
