On Sat, 9 Apr 2016 18:39:49 -0700 "Andrew Robinson" <arobinso...@cox.net> wrote:
> The problem is that [ebp + 12] and [ebp + 8] point to nonsense. I ran a
> debugger and looked at the stack, and there is nothing else on the stack
> except for ebp, rtn addr, and these two parameters. I even tried
> daisy-chaining the addresses to see where they would lead, and they are not
> even close to pointing to the actual command line. I can easily find the
> command line using a memory search, so I know what address it should be. What
> am I doing wrong here? I have:

Never done this, and I don't have Windows, so I don't know if this is
useful.

- The command line you found may not be the same as is passed to main().
  Recall that argv is an array of strings, not pointers to the actual
  command line.

- This program shows the addresses of the individual args:

    #include <stdio.h>

    int main(int argc, char *argv[])
    {
        int i;

        /* Print the address of each argv slot, then the string it points to. */
        for (i = 0; i < argc; i++) {
            printf("%p: %s\n", (void *)&argv[i], argv[i]);
        }
        return 0;
    }

    ~$ ./args a b c d
    0x7ffd48ffc538: ./args
    0x7ffd48ffc540: a
    0x7ffd48ffc548: b
    0x7ffd48ffc550: c
    0x7ffd48ffc558: d

As you can see, the addresses are aligned to 8 byte levels, as this is a
64-bit computer. Your offsets could be wrong, as they depend on the word
length of the computer.

John
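Added example, not part of the original message: it reaches each argument with the same two memory loads hand-written assembly would need, starting from the address of the slot that holds main's argv parameter, and reports the slot stride that differs between 32-bit and 64-bit builds. The helper names are hypothetical, and the mapping of that slot to [ebp + 12] assumes a 32-bit x86 cdecl main with a standard frame.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical helper: fetch argument i from the raw address of the slot
   holding main's argv parameter (assumed to be [ebp + 12] on 32-bit x86).
   Assumes all data pointers share one size and representation. */
static const char *arg_via_raw_loads(const void *argv_slot, int i)
{
    const unsigned char *table; /* load 1: slot holds the pointer table's address */
    const char *str;            /* load 2: table entry holds the string's address */

    memcpy(&table, argv_slot, sizeof table);
    memcpy(&str, table + (size_t)i * sizeof(char *), sizeof str);
    return str;
}

/* Byte distance between consecutive table entries: 4 on 32-bit, 8 on 64-bit. */
static size_t slot_stride(char **argv)
{
    return (size_t)((unsigned char *)&argv[1] - (unsigned char *)&argv[0]);
}

/* Count entries up to the NULL terminator the C standard guarantees at argv[argc]. */
static int count_until_null(char **argv)
{
    int n = 0;

    while (argv[n] != NULL)
        n++;
    return n;
}

int main(int argc, char *argv[])
{
    int i;

    printf("stride = %zu bytes, argc = %d, counted = %d\n",
           slot_stride(argv), argc, count_until_null(argv));
    for (i = 0; i < argc; i++)
        printf("slot %p -> string %p: %s\n",
               (void *)&argv[i], (void *)argv[i],
               arg_via_raw_loads(&argv, i));
    return 0;
}
```

The slot addresses advance by the pointer size, while the string addresses they hold live elsewhere, so following the parameter only one level lands on the pointer table rather than on any text.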