Last active
December 10, 2015 03:08
-
-
Save run/4372650 to your computer and use it in GitHub Desktop.
gdb notes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1、examine命令(简写是x)来查看内存地址中的值 | |
| gdb x/nfu ADDR | |
| n 是一个正整数,表示显示内存的长度,也就是说从当前地址向后显示几个地址的内容。 | |
| f 表示显示的格式,如果地址所指的是字符串,那么格式可以是s,如果地十是指令地址,那么格式可以是i。 | |
| u 表示从当前地址往后请求的字节数,如果不指定的话,GDB默认是4个bytes。u参数可以用下面的字符来代替,b表示单字节,h表示双字节,w表示四字 节,g表示八字节。当我们指定了字节长度后,GDB会从指内存定的内存地址开始,读写指定字节,并把其当作一个值取出来。 | |
| 举例: | |
| (gdb) x/9i 0x7c00 | |
| 0x7c00: cli | |
| => 0x7c01: cld | |
| 0x7c02: xor %ax,%ax | |
| 0x7c04: mov %ax,%ds | |
| 0x7c06: mov %ax,%es | |
| 0x7c08: mov %ax,%ss | |
| 0x7c0a: in $0x64,%al | |
| 0x7c0c: test $0x2,%al | |
| 0x7c0e: jne 0x7c0a | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment