Re: Smashing the Stack?

From: yatima (sa7oriat_private)
Date: Wed Jul 17 2002 - 16:28:58 PDT


    The discrepancy you are seeing is merely an artifact that dates Aleph1's
    article. GCC has changed quite a bit since, try not to get hung up on
    those details. I know it's difficult when following step by step :-). As
    you continue, you will begin to see how blind compilers are. Although GCC
    is pretty phat, it is pretty damn blind, and has to make many assumptions.
    Aleph1's article is the most common, but I REALLY suggest taking a look at
    Mixter's paper:
    http://www.11a.nu/stack/exploit.txt
    
    
    On Wed, 17 Jul 2002, Jeremy Junginger wrote:
    
    > In "Smashing the Stack for Fun and Profit" by Aleph One, there is a nice
    > example program called example1.c.  It looks like this:
    >
    > void function(int a, int b, int c) {
    > 	char buffer1[5];
    > 	char buffer2[10];
    > }
    >
    > void main() {
    > 	function(1,2,3);
    > }
    >
    > Then, we go through how to generate assembly code output, how the
    > values are pushed onto the stack in reverse order, then the function
    > call, then moves the Frame Pointer onto the stack and copies the current
    > Stack Pointer into EBP.  That part is groovy.  Then when we look at the
    > function, in the example, he discusses how memory buffers are allocated
    > in "word" (4 byte) increments.   That makes sense; however, when I
    > generate the assembly code with the exact same code, I see that it is
    > subtracting 40 rather than the expected 20
    > (buffer1(5bytes=2words=8bytes+10bytes=3words=12bytes).  This part looks
    > crucial to understanding the rest of the concepts in the paper, so I'm
    > hesitant to continue without understanding this discrepancy.  Any input
    > would be very much appreciated.
    >
    



    This archive was generated by hypermail 2b30 : Wed Jul 17 2002 - 18:07:39 PDT