string literal vs string array investigation
a.out: file format elf64-x86-64
Disassembly of section .init:
0000000000001000 <_init>:
1000: f3 0f 1e fa endbr64
1004: 48 83 ec 08 sub rsp,0x8
1008: 48 8b 05 c1 2f 00 00 mov rax,QWORD PTR [rip+0x2fc1] # 3fd0 <__gmon_start__@Base>
100f: 48 85 c0 test rax,rax
1012: 74 02 je 1016 <_init+0x16>
1014: ff d0 call rax
1016: 48 83 c4 08 add rsp,0x8
101a: c3 ret
Disassembly of section .plt:
0000000000001020 <puts@plt-0x10>:
1020: ff 35 ca 2f 00 00 push QWORD PTR [rip+0x2fca] # 3ff0 <_GLOBAL_OFFSET_TABLE_+0x8>
1026: ff 25 cc 2f 00 00 jmp QWORD PTR [rip+0x2fcc] # 3ff8 <_GLOBAL_OFFSET_TABLE_+0x10>
102c: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
0000000000001030 <puts@plt>:
1030: ff 25 ca 2f 00 00 jmp QWORD PTR [rip+0x2fca] # 4000 <puts@GLIBC_2.2.5>
1036: 68 00 00 00 00 push 0x0
103b: e9 e0 ff ff ff jmp 1020 <_init+0x20>
0000000000001040 <__stack_chk_fail@plt>:
1040: ff 25 c2 2f 00 00 jmp QWORD PTR [rip+0x2fc2] # 4008 <__stack_chk_fail@GLIBC_2.4>
1046: 68 01 00 00 00 push 0x1
104b: e9 d0 ff ff ff jmp 1020 <_init+0x20>
0000000000001050 <strdup@plt>:
1050: ff 25 ba 2f 00 00 jmp QWORD PTR [rip+0x2fba] # 4010 <strdup@GLIBC_2.2.5>
1056: 68 02 00 00 00 push 0x2
105b: e9 c0 ff ff ff jmp 1020 <_init+0x20>
Disassembly of section .text:
0000000000001060 <_start>:
1060: f3 0f 1e fa endbr64
1064: 31 ed xor ebp,ebp
1066: 49 89 d1 mov r9,rdx
1069: 5e pop rsi
106a: 48 89 e2 mov rdx,rsp
106d: 48 83 e4 f0 and rsp,0xfffffffffffffff0
1071: 50 push rax
1072: 54 push rsp
1073: 45 31 c0 xor r8d,r8d
1076: 31 c9 xor ecx,ecx
1078: 48 8d 3d da 00 00 00 lea rdi,[rip+0xda] # 1159 <main>
107f: ff 15 3b 2f 00 00 call QWORD PTR [rip+0x2f3b] # 3fc0 <__libc_start_main@GLIBC_2.34>
1085: f4 hlt
1086: 66 2e 0f 1f 84 00 00 cs nop WORD PTR [rax+rax*1+0x0]
108d: 00 00 00
1090: 48 8d 3d 91 2f 00 00 lea rdi,[rip+0x2f91] # 4028 <__TMC_END__>
1097: 48 8d 05 8a 2f 00 00 lea rax,[rip+0x2f8a] # 4028 <__TMC_END__>
109e: 48 39 f8 cmp rax,rdi
10a1: 74 15 je 10b8 <_start+0x58>
10a3: 48 8b 05 1e 2f 00 00 mov rax,QWORD PTR [rip+0x2f1e] # 3fc8 <_ITM_deregisterTMCloneTable@Base>
10aa: 48 85 c0 test rax,rax
10ad: 74 09 je 10b8 <_start+0x58>
10af: ff e0 jmp rax
10b1: 0f 1f 80 00 00 00 00 nop DWORD PTR [rax+0x0]
10b8: c3 ret
10b9: 0f 1f 80 00 00 00 00 nop DWORD PTR [rax+0x0]
10c0: 48 8d 3d 61 2f 00 00 lea rdi,[rip+0x2f61] # 4028 <__TMC_END__>
10c7: 48 8d 35 5a 2f 00 00 lea rsi,[rip+0x2f5a] # 4028 <__TMC_END__>
10ce: 48 29 fe sub rsi,rdi
10d1: 48 89 f0 mov rax,rsi
10d4: 48 c1 ee 3f shr rsi,0x3f
10d8: 48 c1 f8 03 sar rax,0x3
10dc: 48 01 c6 add rsi,rax
10df: 48 d1 fe sar rsi,1
10e2: 74 14 je 10f8 <_start+0x98>
10e4: 48 8b 05 ed 2e 00 00 mov rax,QWORD PTR [rip+0x2eed] # 3fd8 <_ITM_registerTMCloneTable@Base>
10eb: 48 85 c0 test rax,rax
10ee: 74 08 je 10f8 <_start+0x98>
10f0: ff e0 jmp rax
10f2: 66 0f 1f 44 00 00 nop WORD PTR [rax+rax*1+0x0]
10f8: c3 ret
10f9: 0f 1f 80 00 00 00 00 nop DWORD PTR [rax+0x0]
1100: f3 0f 1e fa endbr64
1104: 80 3d 1d 2f 00 00 00 cmp BYTE PTR [rip+0x2f1d],0x0 # 4028 <__TMC_END__>
110b: 75 33 jne 1140 <_start+0xe0>
110d: 55 push rbp
110e: 48 83 3d ca 2e 00 00 cmp QWORD PTR [rip+0x2eca],0x0 # 3fe0 <__cxa_finalize@GLIBC_2.2.5>
1115: 00
1116: 48 89 e5 mov rbp,rsp
1119: 74 0d je 1128 <_start+0xc8>
111b: 48 8b 3d fe 2e 00 00 mov rdi,QWORD PTR [rip+0x2efe] # 4020 <__dso_handle>
1122: ff 15 b8 2e 00 00 call QWORD PTR [rip+0x2eb8] # 3fe0 <__cxa_finalize@GLIBC_2.2.5>
1128: e8 63 ff ff ff call 1090 <_start+0x30>
112d: c6 05 f4 2e 00 00 01 mov BYTE PTR [rip+0x2ef4],0x1 # 4028 <__TMC_END__>
1134: 5d pop rbp
1135: c3 ret
1136: 66 2e 0f 1f 84 00 00 cs nop WORD PTR [rax+rax*1+0x0]
113d: 00 00 00
1140: c3 ret
1141: 66 66 2e 0f 1f 84 00 data16 cs nop WORD PTR [rax+rax*1+0x0]
1148: 00 00 00 00
114c: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
1150: f3 0f 1e fa endbr64
1154: e9 67 ff ff ff jmp 10c0 <_start+0x60>
0000000000001159 <main>:
1159: 55 push rbp
115a: 48 89 e5 mov rbp,rsp
115d: 48 81 ec 30 01 00 00 sub rsp,0x130
1164: 64 48 8b 04 25 28 00 mov rax,QWORD PTR fs:0x28
116b: 00 00
116d: 48 89 45 f8 mov QWORD PTR [rbp-0x8],rax
1171: 31 c0 xor eax,eax
1173: 48 8d 05 8e 0e 00 00 lea rax,[rip+0xe8e] # 2008 <_IO_stdin_used+0x8>
117a: 48 89 85 d0 fe ff ff mov QWORD PTR [rbp-0x130],rax
1181: 48 8b 85 d0 fe ff ff mov rax,QWORD PTR [rbp-0x130]
1188: 48 89 c7 mov rdi,rax
118b: e8 c0 fe ff ff call 1050 <strdup@plt>
1190: 48 89 85 d8 fe ff ff mov QWORD PTR [rbp-0x128],rax
1197: 48 8d 85 e0 fe ff ff lea rax,[rbp-0x120]
119e: 48 8d 15 7b 0e 00 00 lea rdx,[rip+0xe7b] # 2020 <_IO_stdin_used+0x20>
11a5: b9 21 00 00 00 mov ecx,0x21
11aa: 48 89 c7 mov rdi,rax
11ad: 48 89 d6 mov rsi,rdx
11b0: f3 48 a5 rep movs QWORD PTR es:[rdi],QWORD PTR ds:[rsi]
11b3: 48 89 f2 mov rdx,rsi
11b6: 48 89 f8 mov rax,rdi
11b9: 0f b7 0a movzx ecx,WORD PTR [rdx]
11bc: 66 89 08 mov WORD PTR [rax],cx
11bf: 48 8d 40 02 lea rax,[rax+0x2]
11c3: 48 8d 52 02 lea rdx,[rdx+0x2]
11c7: 0f b6 0a movzx ecx,BYTE PTR [rdx]
11ca: 88 08 mov BYTE PTR [rax],cl
11cc: c6 85 e0 fe ff ff 23 mov BYTE PTR [rbp-0x120],0x23
11d3: 48 8b 85 d8 fe ff ff mov rax,QWORD PTR [rbp-0x128]
11da: c6 00 23 mov BYTE PTR [rax],0x23
11dd: 48 8b 85 d8 fe ff ff mov rax,QWORD PTR [rbp-0x128]
11e4: 48 89 c7 mov rdi,rax
11e7: e8 44 fe ff ff call 1030 <puts@plt>
11ec: 48 8d 85 e0 fe ff ff lea rax,[rbp-0x120]
11f3: 48 89 c7 mov rdi,rax
11f6: e8 35 fe ff ff call 1030 <puts@plt>
11fb: b8 00 00 00 00 mov eax,0x0
1200: 48 8b 55 f8 mov rdx,QWORD PTR [rbp-0x8]
1204: 64 48 2b 14 25 28 00 sub rdx,QWORD PTR fs:0x28
120b: 00 00
120d: 74 05 je 1214 <main+0xbb>
120f: e8 2c fe ff ff call 1040 <__stack_chk_fail@plt>
1214: c9 leave
1215: c3 ret
Disassembly of section .fini:
0000000000001218 <_fini>:
1218: f3 0f 1e fa endbr64
121c: 48 83 ec 08 sub rsp,0x8
1220: 48 83 c4 08 add rsp,0x8
1224: c3 ret
a.out: file format elf64-x86-64
Contents of section .rodata:
2000 01000200 00000000 4920616d 20612073 ........I am a s
2010 7472696e 67206c69 74657261 6c000000 tring literal...
2020 4920616d 20612073 7472696e 67206172 I am a string ar
2030 72617920 6c6f6f6f 6f6f6f6f 6f6f6f61 ray looooooooooa
2040 73646661 7364666f 6f6f6f6f 6f6f6f6f sdfasdfooooooooo
2050 6f6f6f6f 6c616b73 6a646669 756f7961 oooolaksjdfiuoya
2060 78636476 6b6c6d6e 6f6f6f6f 6f6f6f6f xcdvklmnoooooooo
2070 6f6f6f6f 6f6f6f6f 6f6f6f6f 6173646c ooooooooooooasdl
2080 66736466 6f716977 656a726b 71687765 fsdfoqiwejrkqhwe
2090 72686771 77656f6c 696b7268 6a616b73 rhgqweolikrhjaks
20a0 6c646a66 6b616c73 646a666c 6f6f6f6f ldjfkalsdjfloooo
20b0 6f6f6f61 73686466 616c7364 6a6b666f oooashdfalsdjkfo
20c0 6c697771 656f696c 6a313233 346b6c6a liwqeoilj1234klj
20d0 31323334 6f393061 73386466 6f6f6f6f 1234o90as8dfoooo
20e0 6f6f6f6f 6f6f6f6f 6f6f6f6f 6f6f6f6f oooooooooooooooo
20f0 6f6f6f6f 6f6f6f6f 6f6f6f6f 6f6f6f6f oooooooooooooooo
2100 6f6f6f6f 6f6f6f6f 6f6f6f6f 6f6f6f6f oooooooooooooooo
2110 6f6f6f6f 6f6f6f6f 6f6f6f6f 6f6f6f6f oooooooooooooooo
2120 6f6f6f6f 6f6f6f6f 6f6700 ooooooooog.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
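int main(void)
{
    /*
     * A string literal is an object in read-only storage. In the
     * disassembly above, main only loads its address
     * (`lea rax,[rip+0xe8e] # 2008`, i.e. .rodata) and stores that
     * pointer; nothing is copied. Writing through such a pointer is
     * undefined behaviour, and on a typical Linux build .rodata is
     * mapped read-only so the write would fault. Declaring the pointer
     * `const char *` turns that mistake into a compile-time error
     * instead of a runtime crash; it does not change what the program
     * prints.
     */
    const char *literal = "I am a string literal";

    /*
     * strdup() returns a private, writable heap copy that we own and
     * must free. It can fail (returns NULL), and the original wrote
     * through the result unchecked.
     */
    char *s = strdup(literal);
    if (s == NULL) {
        perror("strdup");
        return EXIT_FAILURE;
    }

    /*
     * A `char array[]` initialised from a literal is a genuine automatic
     * object: the disassembly copies the initialiser from .rodata
     * (address 2020) into the stack slot at [rbp-0x120] with
     * `rep movs` (0x21 qwords) plus a short tail, so this buffer is
     * writable. (The fs:0x28 load/compare around it is the stack
     * protector canary guarding that buffer.)
     */
    char array[] = "I am a string array looooooooooasdfasdfooooooooooooolaksjdfiuoyaxcdvklmnooooooooooooooooooooasdlfsdfoqiwejrkqhwerhgqweolikrhjaksldjfkalsdjfloooooooashdfalsdjkfoliwqeoilj1234klj1234o90as8dfooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooog";

    array[0] = '#';   /* fine: array is our own stack copy */
    // literal[0] = '#';   /* UB: would write into .rodata; rejected by the compiler now that literal is const */
    s[0] = '#';       /* fine: s is a heap copy from strdup() */

    printf("%s\n", s);
    printf("%s\n", array);

    free(s);
    return 0;
}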