[framework] A little offtopic: Get EIP
Pranay Kanwar
warl0ck at metaeye.org
Tue Jun 26 07:45:20 CDT 2007
Hi,
First, *db* is not part of gcc inline assembly (gas) :).
Use the .string directive:
.string "DD"
Regarding the offset thing, we cannot mix 16 bit and 32 bit
call addresses; in 32 bit code the 16 bit call will automatically
be converted to 32 bit. So when one does "call 0x0" the call
instruction is relative encoded as a 32 bit signed integer, hence explaining
the weird 0xffffffc address; the offset is calculated from the start of
the current function/frame.
gas manual: http://www.gnu.org/software/binutils/manual/gas-2.9.1/html_mono/as.html
Regards
warl0ck // MSG
http://www.metaeye.org
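As an added illustration of the relative encoding discussed above (this is editor-supplied example code, not code from the post or from the framework), the following C program encodes and decodes the 32-bit near `call` (opcode E8 followed by a little-endian 32-bit signed displacement). The displacement is measured from the address of the instruction that follows the `call`, so a call to the very next instruction encodes as `e8 00 00 00 00`, which is why that form is the usual way to read the instruction pointer in position-independent code. The "weird" displacement in an unlinked object file produced from `call 0x0`, the byte pattern `e8 fc ff ff ff` (-4), is also decoded here: it points at the displacement field itself, the placeholder value the assembler leaves for the linker's PC-relative relocation. All addresses used below are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

/* A 32-bit near relative call is 5 bytes: opcode 0xE8 + rel32. */
#define CALL_REL32_LEN 5u
#define CALL_REL32_OPCODE 0xE8u

/* Displacement for a call located at insn_addr that must reach target.
 * The CPU adds rel32 to the address of the *next* instruction, so
 * rel32 = target - (insn_addr + 5). Unsigned wrap-around gives the
 * correct two's-complement value for backward targets. */
int32_t call_rel32_displacement(uint32_t insn_addr, uint32_t target)
{
    return (int32_t)(target - (insn_addr + CALL_REL32_LEN));
}

/* Emit the 5 encoded bytes (little-endian displacement) into out. */
void encode_call_rel32(uint32_t insn_addr, uint32_t target, uint8_t out[5])
{
    uint32_t disp = (uint32_t)call_rel32_displacement(insn_addr, target);
    out[0] = CALL_REL32_OPCODE;
    out[1] = (uint8_t)(disp & 0xFF);
    out[2] = (uint8_t)((disp >> 8) & 0xFF);
    out[3] = (uint8_t)((disp >> 16) & 0xFF);
    out[4] = (uint8_t)((disp >> 24) & 0xFF);
}

/* Returns 1 if the bytes start with the E8 opcode, 0 otherwise. */
int is_call_rel32(const uint8_t code[5])
{
    return code[0] == CALL_REL32_OPCODE;
}

/* Read the little-endian rel32 field as a signed value. */
int32_t call_rel32_disp_from_bytes(const uint8_t code[5])
{
    uint32_t u = (uint32_t)code[1]
               | ((uint32_t)code[2] << 8)
               | ((uint32_t)code[3] << 16)
               | ((uint32_t)code[4] << 24);
    return (int32_t)u;
}

/* Absolute target of the call at insn_addr: next instruction + rel32. */
uint32_t call_rel32_target(const uint8_t code[5], uint32_t insn_addr)
{
    return insn_addr + CALL_REL32_LEN + (uint32_t)call_rel32_disp_from_bytes(code);
}

/* Encode then decode; returns 1 if the target survives the round trip. */
int call_rel32_roundtrip(uint32_t insn_addr, uint32_t target)
{
    uint8_t buf[5];
    encode_call_rel32(insn_addr, target, buf);
    return is_call_rel32(buf) && call_rel32_target(buf, insn_addr) == target;
}

int main(void)
{
    uint8_t buf[5];
    /* Constructed sample: a call at 0x1000 whose target is the next
     * instruction at 0x1005, the classic "call next; pop reg" idiom. */
    encode_call_rel32(0x1000u, 0x1005u, buf);
    printf("call to next insn: %02x %02x %02x %02x %02x (rel32 = %d)\n",
           buf[0], buf[1], buf[2], buf[3], buf[4],
           call_rel32_displacement(0x1000u, 0x1005u));

    /* The placeholder left in an unlinked object: e8 fc ff ff ff at offset 0
     * decodes to address 1, i.e. the displacement field itself. */
    const uint8_t unlinked[5] = { 0xE8, 0xFC, 0xFF, 0xFF, 0xFF };
    printf("unlinked call 0x0: rel32 = %d, target = 0x%x\n",
           call_rel32_disp_from_bytes(unlinked), call_rel32_target(unlinked, 0u));
    return 0;
}
```

Note on the directive question: in gas, `.string` appends a terminating NUL byte, whereas `.ascii` does not, and `.byte` emits raw bytes, which is the closest equivalent of `db` when exact byte content matters.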