Script started on Fri Oct 8 11:45:11 2004
%vi foo.c
doit(int a)
{
  char line[512];

  gets(line);
  puts(line);
}

main()
{
  doit(3);
}
%gcc -o foo foo.c -g
/tmp/cc4UeMMJ.o: In function `doit':
/home/djb/494/test/foo.c:6: warning: this program uses gets(), which is unsafe.
%gdb foo
GNU gdb 4.18 (FreeBSD)
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...Deprecated bfd_read called at /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 2627 in elfstab_build_psymtabs
Deprecated bfd_read called at /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 933 in fill_symbuf
(gdb) break main
Breakpoint 1 at 0x804853a: file foo.c, line 11.
(gdb) run
Starting program: /usr/home/djb/494/test/foo
Breakpoint 1, main () at foo.c:11
11 doit(3);
(gdb) list
6 puts(line);
7 }
8
9 main()
10 {
11 doit(3);
12 }
(gdb) stepi
0x804853d 11 doit(3);
(gdb)
0x804853f 11 doit(3);
(gdb)
0x8048504 in doit (a=1) at foo.c:1
1 doit(int a)
(gdb)
0x8048505 1 doit(int a)
(gdb)
0x8048507 in doit (a=3) at foo.c:1
1 doit(int a)
(gdb) stepi
5 gets(line);
(gdb)
0x8048510 5 gets(line);
(gdb)
0x8048516 5 gets(line);
(gdb)
0x8048517 5 gets(line);
(gdb)
0x80483a4 in gets ()
(gdb) disas 0x8048517
Dump of assembler code for function doit:
0x8048504 : push %ebp
0x8048505 : mov %esp,%ebp
0x8048507 : sub $0x208,%esp
0x804850d : add $0xfffffff4,%esp
0x8048510 : lea 0xfffffe00(%ebp),%eax
0x8048516 : push %eax
0x8048517 : call 0x80483a4
0x804851c : add $0x10,%esp
0x804851f : add $0xfffffff4,%esp
0x8048522 : lea 0xfffffe00(%ebp),%eax
0x8048528 : push %eax
0x8048529 : call 0x80483b4
0x804852e : add $0x10,%esp
0x8048531 : leave
0x8048532 : ret
End of assembler dump.
(gdb) disas 0x8048517 0x8048527
Dump of assembler code from 0x8048517 to 0x8048527:
0x8048517 : call 0x80483a4
0x804851c : add $0x10,%esp
0x804851f : add $0xfffffff4,%esp
0x8048522 : lea 0xfffffe00(%ebp),%eax
End of assembler dump.
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/home/djb/494/test/foo
Breakpoint 1, main () at foo.c:11
11 doit(3);
(gdb) stepi
0x804853d 11 doit(3);
(gdb) disas 0x804853d 0x804854d
Dump of assembler code from 0x804853d to 0x804854d:
0x804853d : push $0x3
0x804853f : call 0x8048504
0x8048544 : add $0x10,%esp
0x8048547 : leave
0x8048548 : ret
0x8048549 : lea 0x0(%esi),%esi
0x804854c <__do_global_ctors_aux>: push %ebp
End of assembler dump.
(gdb) info re
eax 0x0 0
ecx 0xbfbffc9f -1077936993
edx 0x804857c 134514044
ebx 0x1 1
esp 0xbfbffb3c 0xbfbffb3c
ebp 0xbfbffb50 0xbfbffb50
esi 0xbfbffba4 -1077937244
edi 0xbfbffbac -1077937236
eip 0x804853d 0x804853d
eflags 0x287 647
cs 0x1f 31
ss 0x2f 47
ds 0x2f 47
es 0x2f 47
fs 0x2f 47
gs 0x2f 47
(gdb) print *(int *) 0xbfbffb3c
$1 = -1077937244
(gdb) print *(char **) 0xbfbffb3c
$2 = 0xbfbffba4 "\210ü¿¿"
(gdb) print *(int *) 0xbfbffb38
$3 = -1077937236
(gdb) print *(char **) 0xbfbffb38
$4 = 0xbfbffbac "£ü¿¿¬ü¿¿¸ü¿¿Çü¿¿Úü¿¿Dý¿¿Oý¿¿[ý¿¿pý¿¿\177ý¿¿¢ý¿¿Ùý¿¿ìý¿¿ýý¿¿\nþ¿¿\031þ¿¿'þ¿¿/þ¿¿Fþ¿¿Pþ¿¿hþ¿¿\203þ¿¿\215þ¿¿\230þ¿¿"
(gdb) stepi
0x804853f 11 doit(3);
(gdb) print *(int *) 0xbfbffb38
$5 = 3
(gdb) info re
eax 0x0 0
ecx 0xbfbffc9f -1077936993
edx 0x804857c 134514044
ebx 0x1 1
esp 0xbfbffb38 0xbfbffb38
ebp 0xbfbffb50 0xbfbffb50
esi 0xbfbffba4 -1077937244
edi 0xbfbffbac -1077937236
eip 0x804853f 0x804853f
eflags 0x287 647
cs 0x1f 31
ss 0x2f 47
ds 0x2f 47
es 0x2f 47
fs 0x2f 47
gs 0x2f 47
(gdb) print *(int *) 0xbfbffb34
$6 = -1077937244
(gdb) print (char **) 0xbfbffb38
$7 = (char **) 0xbfbffb38
(gdb) print $7[-3]
$8 = 0x2804bb97 "\203~T"
(gdb) print $7[-2]
$9 = 0x1
(gdb) print $7[-1]
$10 = 0xbfbffba4 "\210ü¿¿"
(gdb) print $7[0]
$11 = 0x3
(gdb) print $7[1]
$12 = 0xbfbffba4 "\210ü¿¿"
(gdb) print $7[2]
$13 = 0x0
(gdb) stepi
0x8048504 in doit (a=1) at foo.c:1
1 doit(int a)
(gdb) print $7[-3]
$14 = 0x2804bb97 "\203~T"
(gdb) print $7[-2]
$15 = 0x1
(gdb) print $7[-1]
$16 = 0x8048544 "\203Ä\020ÉÃ\215v"
(gdb) print $7[0]
$17 = 0x3
(gdb) info re
eax 0x0 0
ecx 0xbfbffc9f -1077936993
edx 0x804857c 134514044
ebx 0x1 1
esp 0xbfbffb34 0xbfbffb34
ebp 0xbfbffb50 0xbfbffb50
esi 0xbfbffba4 -1077937244
edi 0xbfbffbac -1077937236
eip 0x8048504 0x8048504
eflags 0x287 647
cs 0x1f 31
ss 0x2f 47
ds 0x2f 47
es 0x2f 47
fs 0x2f 47
gs 0x2f 47
(gdb) disas 0x8048504 0x8048524
Dump of assembler code from 0x8048504 to 0x8048524:
0x8048504 : push %ebp
0x8048505 : mov %esp,%ebp
0x8048507 : sub $0x208,%esp
0x804850d : add $0xfffffff4,%esp
0x8048510 : lea 0xfffffe00(%ebp),%eax
0x8048516 : push %eax
0x8048517 : call 0x80483a4
0x804851c : add $0x10,%esp
0x804851f : add $0xfffffff4,%esp
0x8048522 : lea 0xfffffe00(%ebp),%eax
End of assembler dump.
(gdb) print (char *) 0xbfbffb34 - (char *) line
$18 = 484
(gdb) stepi
0x8048505 1 doit(int a)
(gdb)
0x8048507 in doit (a=3) at foo.c:1
1 doit(int a)
(gdb) print (char *) 0xbfbffb34 - (char *) line
$19 = 516
(gdb) stepi
5 gets(line);
(gdb)
0x8048510 5 gets(line);
(gdb)
0x8048516 5 gets(line);
(gdb)
0x8048517 5 gets(line);
(gdb)
0x80483a4 in gets ()
(gdb) info re
eax 0xbfbff930 -1077937872
ecx 0xbfbffc9f -1077936993
edx 0x804857c 134514044
ebx 0x1 1
esp 0xbfbff914 0xbfbff914
ebp 0xbfbffb30 0xbfbffb30
esi 0xbfbffba4 -1077937244
edi 0xbfbffbac -1077937236
eip 0x80483a4 0x80483a4
eflags 0x283 643
cs 0x1f 31
ss 0x2f 47
ds 0x2f 47
es 0x2f 47
fs 0x2f 47
gs 0x2f 47
(gdb) print *(char **) 0xbfbff914
$20 = 0x804851c "\203Ä\020\203Äô\215\205"
(gdb) print *(char **) 0xbfbff918
$21 = 0xbfbff930 ""
(gdb) finish
Run till exit from #0 0x80483a4 in gets ()
warning: this program uses gets(), which is unsafe.
hi
0x804851c in doit (a=3) at foo.c:5
5 gets(line);
(gdb) print line
$22 = "hi\000\000~\001\000\000õá\004(\b'\a(\b'\a(\037\004\000\000\232á\004(¨Ú\005( \006(\000\000\000\000\000\000\000\000\025\005\000\000 \006\000¤ù¿¿Gá\004(\b'\a(G·¡\n\000\021\006(\000\000\000\000¨Ú\005(ÈÔ\016(\b'\a(õá\004(n\003\a(¡¬\004(÷\002\000\000\232á\004(\000\021\006(\000\000\000\000\024ú¿¿\217ß\004(\b'\a(G·¡\nèÈ\005(\004ú¿¿\000\000\000\000\bú¿¿\200Ý\005(\000\000\000\000õá\004(\035\203\004\b«\006\a(ÒÞ\004(\232á\004(¨Ú\005( \006(\000\000\000\000¨Ú\005(\000\021\006( \006\001"...
(gdb) print &line
$23 = (char (*)[512]) 0xbfbff930
(gdb) print *(char *) 0xbfbff930
$24 = 104 'h'
(gdb) print *(char *) 0xbfbff931
$25 = 105 'i'
(gdb) info re
eax 0xbfbff930 -1077937872
ecx 0x3 3
edx 0xa 10
ebx 0x1 1
esp 0xbfbff918 0xbfbff918
ebp 0xbfbffb30 0xbfbffb30
esi 0xbfbffba4 -1077937244
edi 0xbfbffbac -1077937236
eip 0x804851c 0x804851c
eflags 0x246 582
cs 0x1f 31
ss 0x2f 47
ds 0x2f 47
es 0x2f 47
fs 0x2f 47
gs 0x2f 47
(gdb) print *(char **) 0xbfbffb30
$26 = 0xbfbffb50 "\234û¿¿j\204\004\b\001"
(gdb) print *(char **) 0xbfbffb34
$27 = 0x8048544 "\203Ä\020ÉÃ\215v"
(gdb) print *(char **) 0xbfbffb38
$28 = 0x3
(gdb) quit
The program is running. Exit anyway? (y or n) y
%vi foo.c
doit(int a)
{
  char line[512];

  gets(line);
  puts(line);
  printf("line is %8.8x\n",line);
}

main()
{
  doit(3);
}
%gcc -o foo foo.c
/tmp/ccnQWFKt.o: In function `doit':
/tmp/ccnQWFKt.o(.text+0x14): warning: this program uses gets(), which is unsafe.
%gdb foo
GNU gdb 4.18 (FreeBSD)
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(no debugging symbols found)...
(gdb) run
Starting program: /usr/home/djb/494/test/foo
warning: this program uses gets(), which is unsafe.
hi
hi
line is bfbff930
(no debugging symbols found)...(no debugging symbols found)...
Program exited with code 021.
(gdb) quit
%./foo
warning: this program uses gets(), which is unsafe.
hi
hi
line is bfbff950
%gcc -o foo foo.c -g
/tmp/cc7LGAHz.o: In function `doit':
/home/djb/494/test/foo.c:6: warning: this program uses gets(), which is unsafe.
%./foo
warning: this program uses gets(), which is unsafe.
^Z
Suspended
%jobs
[1] + Suspended ./foo
%jobs -l
[1] + 37135 Suspended ./foo
%ps
PID TT STAT TIME COMMAND
37069 p3 Is 0:00.03 -csh (csh)
37092 p3 S+ 0:00.09 script
37093 p4 Ss 0:00.03 /bin/csh -i
37135 p4 T 0:00.00 ./foo
37136 p4 R+ 0:00.00 ps
%gdb foo
GNU gdb 4.18 (FreeBSD)
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...Deprecated bfd_read called at /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 2627 in elfstab_build_psymtabs
Deprecated bfd_read called at /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 933 in fill_symbuf
(gdb) attach 37135
Attaching to program: /usr/home/djb/494/test/foo, process 37135
Reading symbols from /usr/lib/libc.so.4...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
0x280e118c in read () from /usr/lib/libc.so.4
(gdb) finish
Run till exit from #0 0x280e118c in read () from /usr/lib/libc.so.4
hi
0x280e0bd6 in __sread () from /usr/lib/libc.so.4
(gdb) finish
Run till exit from #0 0x280e0bd6 in __sread () from /usr/lib/libc.so.4
0x280cf112 in __srefill () from /usr/lib/libc.so.4
(gdb)
Run till exit from #0 0x280cf112 in __srefill () from /usr/lib/libc.so.4
0x280cefc0 in __srget () from /usr/lib/libc.so.4
(gdb)
Run till exit from #0 0x280cefc0 in __srget () from /usr/lib/libc.so.4
0x28084f59 in gets () from /usr/lib/libc.so.4
(gdb)
Run till exit from #0 0x28084f59 in gets () from /usr/lib/libc.so.4
0x8048550 in doit (a=3) at foo.c:5
5 gets(line);
(gdb) print line
$1 = "hi\000\000B\001\000\000\000\000\000\000~\001\000\000õá\004(\b'\a(\b'\a(\037\004\000\000\232á\004(¨Ú\005(0 \006(\000\000\000\000\000\000\000\000\025\005\000\0000 \006\000Ìù¿¿Gá\004(\b'\a(G·¡\n\000\021\006(\000\000\000\000¨Ú\005(ÈÔ\016(\b'\a(õá\004(n\003\a(¡¬\004(÷\002\000\000\232á\004(\000\021\006(\000\000\000\000<ú¿¿\217ß\004(\b'\a(G·¡\nèÈ\005(,ú¿¿\000\000\000\0000ú¿¿\200Ý\005(\000\000\000\000õá\004(8\203\004\b«\006\a(ÒÞ\004(\232á\004(¨Ú\005(0 \006(\000\000\000\000¨Ú\005("...
(gdb) print &line
$2 = (char (*)[512]) 0xbfbff950
(gdb) quit
The program is running. Quit anyway (and detach it)? (y or n) y
Detaching from program: /usr/home/djb/494/test/foo, process 37135
%hi
line is bfbff950
exit
[1] Exit 17 ./foo
exit
Script done on Fri Oct 8 12:16:32 2004