> ret = buffer1 + 13; // ebp + 4
> works fine for me, try and let me know what you get
Hi null null (heh), I tried but it ain't working. What OS, kernel, gcc do you have?

Here's the asm of function():

(gdb) disas function
Dump of assembler code for function function:
0x08048414 <function+0>:  push   %ebp
0x08048415 <function+1>:  mov    %esp,%ebp
0x08048417 <function+3>:  sub    $0x28,%esp
0x0804841a <function+6>:  mov    %gs:0x14,%eax
0x08048420 <function+12>: mov    %eax,-0x4(%ebp)
0x08048423 <function+15>: xor    %eax,%eax
0x08048425 <function+17>: lea    -0x19(%ebp),%eax
0x08048428 <function+20>: add    $0xd,%eax
0x0804842b <function+23>: mov    %eax,-0x14(%ebp)
0x0804842e <function+26>: mov    -0x14(%ebp),%eax
0x08048431 <function+29>: mov    (%eax),%eax
0x08048433 <function+31>: lea    0x7(%eax),%edx
0x08048436 <function+34>: mov    -0x14(%ebp),%eax
0x08048439 <function+37>: mov    %edx,(%eax)
0x0804843b <function+39>: mov    -0x4(%ebp),%eax
0x0804843e <function+42>: xor    %gs:0x14,%eax
0x08048445 <function+49>: je     0x804844c <function+56>
0x08048447 <function+51>: call   0x8048350 <__stack_chk_f...@plt>
0x0804844c <function+56>: leave
0x0804844d <function+57>: ret
End of assembler dump.

Thanks.
Cheers
-- 
“In fact, by only taking a few observations, and selecting our numbers, we can by the effect of accidental causes defend all possible theories. By the aid of such numbers, whose truth in other respects cannot be contested, we set our consciences perfectly at rest, and demonstrate nearly anything we may wish. This it is which always inspires so great a distrust in respect to special statistics, and which has done the greatest injury to science with persons who only judge of things superficially.” - M. A. Quetelet
_______________________________________
Pune GNU/Linux Users Group Mailing List
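An added example, not part of the thread, that parses the gdb dump posted above and works out where `ret = buffer1 + 13` really lands in this frame: the canary store, the `lea`/`add` for buffer1 and the `__stack_chk_fail` call are read straight from the disassembly (the symbol name is the untruncated form of the `__stack_chk_f...@plt` shown), and the saved return address is assumed to sit at ebp+4 as it does for a standard `push %ebp; mov %esp,%ebp` prologue.

```python
import re

# Constructed copy of the gdb dump from the post above (lines not needed here omitted).
DISAS = """\
0x08048414 <function+0>: push %ebp
0x08048415 <function+1>: mov %esp,%ebp
0x08048417 <function+3>: sub $0x28,%esp
0x0804841a <function+6>: mov %gs:0x14,%eax
0x08048420 <function+12>: mov %eax,-0x4(%ebp)
0x08048425 <function+17>: lea -0x19(%ebp),%eax
0x08048428 <function+20>: add $0xd,%eax
0x0804842b <function+23>: mov %eax,-0x14(%ebp)
0x0804843b <function+39>: mov -0x4(%ebp),%eax
0x0804843e <function+42>: xor %gs:0x14,%eax
0x08048447 <function+51>: call 0x8048350 <__stack_chk_fail@plt>
"""

RET_SLOT = 4  # assumption: saved return address at ebp+4 after push %ebp; mov %esp,%ebp

INSN = re.compile(r"\s*0x[0-9a-f]+ <[^>]+>:\s*(.*)")
STORE = re.compile(r"mov %eax,(-?0x[0-9a-f]+)\(%ebp\)")
LEA = re.compile(r"lea (-?0x[0-9a-f]+)\(%ebp\),%eax")
ADD = re.compile(r"add \$(0x[0-9a-f]+),%eax")

def parse_frame(disas):
    """Recover the layout facts that matter: canary slot, buffer1 offset, pointer arithmetic."""
    info = {"canary": None, "buffer1": None, "add": 0, "stack_chk_fail": False}
    canary_in_eax = False
    for line in disas.splitlines():
        m = INSN.match(line)
        if not m:
            continue
        insn = m.group(1).strip()
        if insn == "mov %gs:0x14,%eax":          # glibc keeps the i386 canary at %gs:0x14
            canary_in_eax = True
        elif canary_in_eax and STORE.match(insn):  # the store right after it is the canary slot
            info["canary"] = int(STORE.match(insn).group(1), 16)
            canary_in_eax = False
        elif LEA.match(insn):                      # address of buffer1
            info["buffer1"] = int(LEA.match(insn).group(1), 16)
        elif ADD.match(insn):                      # the hard-coded + 13
            info["add"] = int(ADD.match(insn).group(1), 16)
        elif "__stack_chk_fail" in insn:
            info["stack_chk_fail"] = True
    return info

def ret_target(info):
    """Offset from %ebp that ret really points at, and whether that is the return-address slot."""
    target = info["buffer1"] + info["add"]
    return target, target == RET_SLOT

if __name__ == "__main__":
    frame = parse_frame(DISAS)
    target, hits = ret_target(frame)
    print(f"canary at ebp{frame['canary']:+#x}, buffer1 at ebp{frame['buffer1']:+#x}, ret -> ebp{target:+#x}")
    print("hits the saved return address" if hits else "lands inside the frame: +13 assumes a layout this gcc does not produce")
```

The output shows the write goes to ebp-0xc, below the canary at ebp-0x4, which is why the textbook offset does nothing here and why the stack-protector check is the first thing to look for in the dump.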