Skip to content

Various error info reported by gef #735

New issue
New issue
Closed
#736
Closed
Various error info reported by gef#735
#736
Labels
triage
@TommyJerryMairo

Description

@TommyJerryMairo
TommyJerryMairo
opened on Sep 29, 2021
  • Did you use the latest version of GEF from dev branch?
  • Is your bug specific to GEF (not GDB)? - Try to reproduce it running gdb -nx
  • Did you read the documentation first?
  • Did you check issues (including
    the closed ones) - and the PR?

Step 1: Describe your environment

  • Operating System / Distribution: ArchLinux w/ Glibc 2.33
  • Architecture: x86_64
  • GEF version (including the Python library version) run version in GEF.

GEF: rev:5baa1280dcc0057b041a184d4164c5547125fac9 (Git - clean)
SHA1(/home/tjm/.config/gef/repo/gef.py): 26ae828dbe4c01f5dc70959522c55317d4476215
GDB: 11.1
GDB-Python: 3.9

Step 2: Describe your problem

Steps to reproduce

  1. Compile poc.c from the minimalist test case to get the binary poc
  2. Load binary poc with gef
  3. Set a breakpoint at the return statement with command b 4
  4. Run the program with r command

Minimalist test case

// compile with gcc -fPIE -fpic -O0 -g -o poc poc.c
int main() {
	const char *grid[] = {"  \\ \\","  /  ","/\\ \\\\","//\\/\\","\\/\\//"};
	(void *)(grid);
	return 0;
}

Observed Results

  • gef prints an error message Error while writing index for /tmp/poc: mkstemp: No such file or directory. in step 2
  • gef prints the following error message of invalid escape sequence in step 4:
/home/tjm/.config/gef/repo/gef.py:2768: DeprecationWarning: invalid escape sequence '\/'
  res = gdb.Value(address).cast(char_ptr).string(encoding=encoding, length=length).strip()
/home/tjm/.config/gef/repo/gef.py:2768: DeprecationWarning: invalid escape sequence '\ '
  res = gdb.Value(address).cast(char_ptr).string(encoding=encoding, length=length).strip()

Expected results

  • No errors reported

Traces

gef➤  r
Starting program: /tmp/poc

Breakpoint 1, main () at poc.c:4
4		return 0;
[ Legend: Modified register | Code | Heap | Stack | String ]
───────────────────────────────────────────────────────────────────────────────────── registers ────
/home/tjm/.config/gef/repo/gef.py:2768: DeprecationWarning: invalid escape sequence '\/'
  res = gdb.Value(address).cast(char_ptr).string(encoding=encoding, length=length).strip()
$rax   : 0x000055555555601c  →  0x0000002f2f5c2f5c ("\/\//"?)
$rbx   : 0x00005555555551b0  →  <__libc_csu_init+0> endbr64
$rcx   : 0x00007ffff7f7c598  →  0x00007ffff7f7e960  →  0x0000000000000000
$rdx   : 0x00007fffffffe5d8  →  0x00007fffffffe93e  →  "SHELL=/bin/bash"
/home/tjm/.config/gef/repo/gef.py:2768: DeprecationWarning: invalid escape sequence '\ '
  res = gdb.Value(address).cast(char_ptr).string(encoding=encoding, length=length).strip()
$rsp   : 0x00007fffffffe4a0  →  0x0000555555556004  →  0x2020005c205c2020 ("\ \"?)
$rbp   : 0x00007fffffffe4d0  →  0x0000000000000000
$rsi   : 0x00007fffffffe5c8  →  0x00007fffffffe935  →  "/tmp/poc"
$rdi   : 0x1
$rip   : 0x0000555555555187  →  <main+78> mov eax, 0x0
$r8    : 0x0
$r9    : 0x00007ffff7fdcfd0  →  <_dl_fini+0> endbr64
$r10   : 0x00007ffff7dcb798  →  0x0010001200002ab7
$r11   : 0x202
$r12   : 0x0000555555555040  →  <_start+0> endbr64
$r13   : 0x0
$r14   : 0x0
$r15   : 0x0
$eflags: [ZERO carry PARITY adjust sign trap INTERRUPT direction overflow resume virtualx86 identification]
$cs: 0x0033 $ss: 0x002b $ds: 0x0000 $es: 0x0000 $fs: 0x0000 $gs: 0x0000
───────────────────────────────────────────────────────────────────────────────────────── stack ────
0x00007fffffffe4a0│+0x0000: 0x0000555555556004  →  0x2020005c205c2020 ("\ \"?)	 ← $rsp
0x00007fffffffe4a8│+0x0008: 0x000055555555600a  →  0x5c2f0020202f2020 ("/  "?)
0x00007fffffffe4b0│+0x0010: 0x0000555555556010  →  0x2f2f005c5c205c2f ("/\ \"?)
0x00007fffffffe4b8│+0x0018: 0x0000555555556016  →  0x2f5c005c2f5c2f2f ("//\/\"?)
0x00007fffffffe4c0│+0x0020: 0x000055555555601c  →  0x0000002f2f5c2f5c ("\/\//"?)
0x00007fffffffe4c8│+0x0028: 0x20e2374cce9c1b00
0x00007fffffffe4d0│+0x0030: 0x0000000000000000	 ← $rbp
0x00007fffffffe4d8│+0x0038: 0x00007ffff7de3b25  →  <__libc_start_main+213> mov edi, eax
─────────────────────────────────────────────────────────────────────────────────── code:x86:64 ────
   0x555555555178 <main+63>        mov    QWORD PTR [rbp-0x18], rax
   0x55555555517c <main+67>        lea    rax, [rip+0xe99]        # 0x55555555601c
   0x555555555183 <main+74>        mov    QWORD PTR [rbp-0x10], rax
 → 0x555555555187 <main+78>        mov    eax, 0x0
   0x55555555518c <main+83>        mov    rdx, QWORD PTR [rbp-0x8]
   0x555555555190 <main+87>        sub    rdx, QWORD PTR fs:0x28
   0x555555555199 <main+96>        je     0x5555555551a0 <main+103>
   0x55555555519b <main+98>        call   0x555555555030 <__stack_chk_fail@plt>
   0x5555555551a0 <main+103>       leave
──────────────────────────────────────────────────────────────────────────────── source:poc.c+4 ────
      1	 int main() {
      2	 	const char *grid[] = {"  \\ \\","  /  ","/\\ \\\\","//\\/\\","\\/\\//"};
      3	 	(void *)(grid);
●→    4	 	return 0;
      5	 }
─────────────────────────────────────────────────────────────────────────────────────── threads ────
[#0] Id 1, Name: "poc", stopped 0x555555555187 in main (), reason: BREAKPOINT
───────────────────────────────────────────────────────────────────────────────────────── trace ────
[#0] 0x555555555187 → main()
────────────────────────────────────────────────────────────────────────────────────────────────────
gef➤

Metadata

Metadata

Assignees

No one assigned

    Labels

    triage

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions