Hi there - I could be wrong, but in this case the variable "buf" is being placed on the stack. The sub instruction is being used to move the stack pointer. No library call is being made.

Brian

On 4/15/05, wyj-me <wyj3390@xxxxxxxxxxxxxxxxxx> wrote:
> Dear friend,
> First of all, thank you for reading my letter.
> I am a student. When I do research about the buffer overflow, I meet a question and want to get your help. Please permit me to illustrate it with the following example:
> First, provided we have such a simple program named test001.c.
> -------------------------------
> int main()
> {
>     char buf[10];
>     int i;
>
>     i=0;
>     return 1;
> }
> -------------------------------
> If we compile the program with the command: gcc -S test001.s test001.c, and show the content of test001.s, we can get the following:
> -------------------------------
>     .file "test001.c"
>     .text
>     .globl main
>     .type main,@function
> main:
>     pushl %ebp
>     movl %esp,%ebp
>     subl $40,%esp
>     andl $-16,%esp
>     movl $0,%eax
>     subl %eax,%esp
>     movl $0,-28(%ebp)
>     movl $1,%eax
>     leave
>     ret
> .Lfel:
>     .size main,.Lfel-main
>     .ident "GCC(GNU)3.2.2 20030222(Red Hat Linux(3.2.2-5)"
> --------------------------------
> From the above, we can know that the instruction 'subl $40,%esp' is used to allocate the space for the buf[] and i. My trouble is that I don't know in which function the 'subl $40,%esp' is introduced. Now I want to add some instructions before the 'subl $40,%esp' to set some flags to indicate the end of the string. I hope you can tell me which source code file I should look through among so many source code files with the gcc tool.
> Thanks again.
> Look forward to your answer.
> Sincerely,
> Yejun Wang
>
>
> wyj-me
> wyj3390@xxxxxxxxxxxxxxxxx
> 2005-04-15
>
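The "flag at the end of the string" idea in the question is, in effect, a stack canary: a known value placed right after the buffer and checked before the function returns (modern GCC does this at the prologue/epilogue level with -fstack-protector). The following is an added example, not code from the thread: a local struct mimicking the buf[10]/i layout of test001.c, with a constructed guard word directly after buf[], and a check that reports whether a copy of a given length ran past the buffer. The struct name, guard bytes and function name are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed guard pattern placed immediately after buf[] (not from the thread). */
static const unsigned char GUARD[4] = { 0xA5, 0xC3, 0xF0, 0x0D };

/* Mimics the locals of test001.c, with a 4-byte sentinel right after the
 * buffer. A char array (not an int) avoids alignment padding between
 * buf[10] and the guard, so the guard starts at byte offset 10. */
struct frame {
    char buf[10];
    unsigned char guard[4];
    int i;
};

/* Copies len bytes of src into buf through a byte pointer over the whole
 * struct object, so the write stays inside the struct but may run past
 * buf[] into guard, like an unchecked copy into a stack buffer.
 * Returns 1 if the guard is still intact afterwards, 0 if it was clobbered. */
int copy_and_check(const char *src, size_t len)
{
    struct frame f;
    unsigned char *base = (unsigned char *)&f;
    size_t room = sizeof f - offsetof(struct frame, buf);

    memcpy(f.guard, GUARD, sizeof f.guard);
    f.i = 0;
    if (len > room)
        len = room;                        /* never write outside the object */
    memcpy(base + offsetof(struct frame, buf), src, len);

    return memcmp(f.guard, GUARD, sizeof f.guard) == 0;
}

int main(void)
{
    const char ok[]  = "AAAAAAAAAA";        /* 10 bytes: fills buf exactly */
    const char bad[] = "AAAAAAAAAAAAAAAA";  /* 16 bytes: overwrites the guard */

    printf("10 bytes: guard %s\n", copy_and_check(ok, 10) ? "intact" : "clobbered");
    printf("16 bytes: guard %s\n", copy_and_check(bad, 16) ? "intact" : "clobbered");
    return 0;
}
```

The same check, done by the compiler against a per-process random value rather than a fixed pattern, is what aborts the program on overflow under -fstack-protector.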