In a program I am debugging, the canary value is read to eax from gs:0x14 memory location. I am attaching gdb to the process late enough to break on the mov reading the canary to eax. Therefore, reading eax is not an option to me. How can I read (x/w) the canary location (gs:0x14) in gdb?
Asked
Active
Viewed 6,215 times
2
sherlock
- 1,381
- 3
- 23
- 40
-
very similar questions have been asked and answered here and here – julian May 14 '17 at 20:55
-
@SYS_V I'm not sure either one was really "answered" (well, maybe if you count "you can't" as an answer) – Igor Skochinsky May 15 '17 at 16:32
1 Answers
3
It seems it's not possible to do this using built-in GDB functionality but I found a blog post which explains how to get the gs base from a core dump:
https://www.technovelty.org/linux/debugging-__thead-variables-from-coredumps.html
You should be able to generate a core using generate-core-file command then inspect it outside of GDB.
Igor Skochinsky
- 36,553
- 7
- 65
- 115
-
Ah! I see. Every time I learn something new from you. Thanks. Will try that. – sherlock May 14 '17 at 21:00