[Bug] $_stack() calculate error #928

@jylsec

GEF+GDB version

GEF: (Standalone)
Blob Hash(/home/jylsec/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): 8dc57b700e3c1c85822449033a01c94dfae9e4a6
SHA256(/home/jylsec/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): 63d3e10d38a367c3e4d37de8e0701bcdff2a4e7c9a0a4ec5d83ccb8b2fe6188d
GDB: 12.1
GDB-Python: 3.10

Operating System

Ubuntu 22.04

Describe the issue you encountered

context shows

$rax   : 0x007fffffffe810  →  "1234567890\n"
$rbx   : 0x0               
$rcx   : 0x005555555592ab  →  0x0000000000000000
$rdx   : 0xfbad2288        
$rsp   : 0x007fffffffe7b0  →  0x007ffff7ffd040  →  0x007ffff7ffe2e0  →  0x00555555554000  →   jg 0x555555554047
$rbp   : 0x007fffffffe7e0  →  0x007fffffffe840  →  0x0000000000000001
$rsi   : 0x3938373635343332 ("23456789"?)
$rdi   : 0x007fffffffe810  →  "1234567890\n"
$rip   : 0x005555555552f5  →  <encrypt+24> jmp 0x55555555535e <encrypt+129>
$r8    : 0x0               
$r9    : 0x005555555592a0  →  "1234567890\n"
$r10   : 0x77              
$r11   : 0x246             
$r12   : 0x007fffffffe958  →  0x007fffffffec17  →  "/home/jylsec/sora"
$r13   : 0x00555555555229  →  <main+0> endbr64 
$r14   : 0x0               
$r15   : 0x007ffff7ffd040  →  0x007ffff7ffe2e0  →  0x00555555554000  →   jg 0x555555554047
$eflags: [zero carry parity adjust sign trap INTERRUPT direction overflow resume virtualx86 identification]
$cs: 0x33 $ss: 0x2b $ds: 0x00 $es: 0x00 $fs: 0x00 $gs: 0x00

However, the print $_stack() command shows:

gef➤  print $_stack()
$5 = 0x7ffffffde000

I think $_stack() should equal $rbp

Do you read the docs and look at previously closed issues/PRs for similar cases?

yes

Architecture impacted

  • X86
  • X64
  • ARM
  • ARM64
  • MIPS
  • MIPS64
  • PPC
  • PPC64
  • RISCV

Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

context shows

$rax   : 0x007fffffffe810  →  "1234567890\n"
$rbx   : 0x0               
$rcx   : 0x005555555592ab  →  0x0000000000000000
$rdx   : 0xfbad2288        
$rsp   : 0x007fffffffe7b0  →  0x007ffff7ffd040  →  0x007ffff7ffe2e0  →  0x00555555554000  →   jg 0x555555554047
$rbp   : 0x007fffffffe7e0  →  0x007fffffffe840  →  0x0000000000000001
$rsi   : 0x3938373635343332 ("23456789"?)
$rdi   : 0x007fffffffe810  →  "1234567890\n"
$rip   : 0x005555555552f5  →  <encrypt+24> jmp 0x55555555535e <encrypt+129>
$r8    : 0x0               
$r9    : 0x005555555592a0  →  "1234567890\n"
$r10   : 0x77              
$r11   : 0x246             
$r12   : 0x007fffffffe958  →  0x007fffffffec17  →  "/home/jylsec/sora"
$r13   : 0x00555555555229  →  <main+0> endbr64 
$r14   : 0x0               
$r15   : 0x007ffff7ffd040  →  0x007ffff7ffe2e0  →  0x00555555554000  →   jg 0x555555554047
$eflags: [zero carry parity adjust sign trap INTERRUPT direction overflow resume virtualx86 identification]
$cs: 0x33 $ss: 0x2b $ds: 0x00 $es: 0x00 $fs: 0x00 $gs: 0x00

However, the print $_stack() command shows:

gef➤  print $_stack()
$5 = 0x7ffffffde000

I think $_stack() should equal $rbp
