How can I see string value in stack?

0
votes

I have the following assembly code.

I can see the string value in "%rax" register after "lea" -- (A)

(gdb) p (char*)0x558efff0a010
$1 = 0x558efff0a010 "abc"

However I can't see the value in stack after the "move" -- (B)

(gdb) p (char*)0x7fff2754b2a8
$2 = 0x7fff2754b2a8 "\020\240\360\377\216U"

Am I missing something?

assembly code

.data
.L0:
    .string "abc"
    .text
    .global f
f:
    push %rbp
    mov %rsp, %rbp
    sub $8, %rsp
    lea .L0(%rip), %rax -- (A)
    mov %rax, -8(%rbp) -- (B)
    leave
    ret

main:

rax            0x558effd095fa   94072665576954
rbp            0x7fff2754b2c0   0x7fff2754b2c0
rsp            0x7fff2754b2c0   0x7fff2754b2c0

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                        <= rbp, rsp
--------------|--------------

f()

rax            0x0  0
rbp            0x7fff2754b2c0   0x7fff2754b2c0
rsp            0x7fff2754b2b8   0x7fff2754b2b8

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                        <= rbp
--------------|--------------
0x7fff2754b2b8|                       <= rsp
--------------|--------------

push %rbp

rax            0x0  0
rbp            0x7fff2754b2c0   0x7fff2754b2c0
rsp            0x7fff2754b2b0   0x7fff2754b2b0

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                       <= rbp
--------------|--------------
0x7fff2754b2b8|                      
--------------|--------------
0x7fff2754b2b0|                       <= rsp
--------------|--------------

mov %rsp, %rbp

rax            0x0  0
rbp            0x7fff2754b2b0   0x7fff2754b2b0
rsp            0x7fff2754b2b0   0x7fff2754b2b0

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                       
--------------|--------------
0x7fff2754b2b8|                      
--------------|--------------
0x7fff2754b2b0|                      <= rbp, rsp
--------------|--------------

sub $8, %rsp

rax            0x0  0
rbp            0x7fff2754b2b0   0x7fff2754b2b0
rsp            0x7fff2754b2a8   0x7fff2754b2a8

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                       
--------------|--------------
0x7fff2754b2b8|                      
--------------|--------------
0x7fff2754b2b0|                      <= rbp
--------------|--------------
0x7fff2754b2a8|                      <= rsp
--------------|--------------

lea .L0(%rip), %rax

rax            0x558efff0a010   94072667676688
rbp            0x7fff2754b2b0   0x7fff2754b2b0
rsp            0x7fff2754b2a8   0x7fff2754b2a8

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                       
--------------|--------------
0x7fff2754b2b8|                      
--------------|--------------
0x7fff2754b2b0|                      <= rbp
--------------|--------------
0x7fff2754b2a8|                      <= rsp
--------------|--------------

(gdb) p (char*)0x558efff0a010
$1 = 0x558efff0a010 "abc"

mov %rax, -8(%rbp)

rax            0x558efff0a010   94072667676688
rbp            0x7fff2754b2b0   0x7fff2754b2b0
rsp            0x7fff2754b2a8   0x7fff2754b2a8

--------------|--------------
ADDRESS       |VALUE
--------------|--------------
0x7fff2754b2c0|                       
--------------|--------------
0x7fff2754b2b8|                      
--------------|--------------
0x7fff2754b2b0|                      <= rbp
--------------|--------------
0x7fff2754b2a8|                      <= rsp
--------------|--------------

(gdb) p (char*)0x7fff2754b2a8
$2 = 0x7fff2754b2a8 "\020\240\360\377\216U"

Update 1

I tried (char**)

rax            0x55b1ef3cc010   94222711308304
rsp            0x7ffd7fcd8cc8   0x7ffd7fcd8cc8

(gdb) p (char*)0x55b1ef3cc010
$3 = 0x55b1ef3cc010 "abc"

(gdb) p (char**)0x7ffd7fcd8cc8
$2 = (char **) 0x7ffd7fcd8cc8

As @Peter Cordes said, I found the difference between LEA and MOV.

  • LEA means Load Effective Address

  • MOV means Load Value

What is the difference between MOV and LEA?

1
assemblygdb

1 Answers

2
votes

The string data is still only located at absolute address 0x558efff0a010.

You just stored a pointer to it on the stack, and then told GDB to print the bytes of that pointer value as a string. If you decode the octal \020\240\360\377\216U, notice that octal 020 = 2*8 is hex 0x10 = 1*16, the first byte of pointer (little-endian).

Perhaps you want *(char **)0x7fff2754b2a8 to dereference the stack address and get a char* from that memory location.