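GDB Memory Operations

Examining memory in gdb

Format:

x/nfu

Explanation:

  • x is short for examine.
  • n is the number of memory units to display.
  • f is the display format.
  • u is the size of one memory unit.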

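Values for the display format f

x  Display the variable in hexadecimal.
d  Display the variable in decimal.
u  Display the variable as an unsigned integer in decimal.
o  Display the variable in octal.
t  Display the variable in binary.
a  Display the variable as an address, in hexadecimal.
i  Display as machine instructions.
c  Display the variable as a character.
f  Display the variable as a floating-point number.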

Values for the unit size u

b  one byte
h  two bytes
w  four bytes
g  eight bytes

Example

x/50xw 0x40451400

50 is the count, x means hexadecimal, and w means four-byte units.

Examining Memory

You can use the command x (for “examine”) to examine memory in any of several formats, independently of your program’s data types.

x/nfu addr
x addr
x

Use the x command to examine memory.

n, f, and u are all optional parameters that specify how much memory to display and how to format it; addr is an expression giving the address where you want to start displaying memory. If you use defaults for nfu, you need not type the slash ‘/’. Several commands set convenient defaults for addr.

n, the repeat count

The repeat count is a decimal integer; the default is 1. 
It specifies how much memory (counting by units u) to display. 
If a negative number is specified, memory is examined backward from addr.

f, the display format

The display format is one of the formats used by print 
(‘x’, ‘d’, ‘u’, ‘o’, ‘t’, ‘a’, ‘c’, ‘f’, ‘s’), 
‘i’ (for machine instructions) and ‘m’ (for displaying memory tags). 
The default is ‘x’ (hexadecimal) initially. 
The default changes each time you use either x or print.

u, the unit size

The unit size is any of

b
Bytes.

h
Halfwords (two bytes).

w
Words (four bytes). This is the initial default.

g
Giant words (eight bytes).
  • Each time you specify a unit size with x, that size becomes the default unit the next time you use x.
  • For the ‘i’ format, the unit size is ignored and is normally not written.
  • For the ‘s’ format, the unit size defaults to ‘b’, unless it is explicitly given.
  • Use x /hs to display 16-bit char strings and x /ws to display 32-bit strings. The next use of x /s will again display 8-bit strings.
  • Note that the results depend on the programming language of the current compilation unit.
  • If the language is C, the ‘s’ modifier will use the UTF-16 encoding while ‘w’ will use UTF-32. The encoding is set by the programming language and cannot be altered.
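
To show how the unit size u regroups the same bytes, here is an added Python model of x/nfu on a little-endian target. It is not part of the original page or of GDB; `parse_spec`, `render`, `examine` and the sample buffer are assumptions made for illustration, and only the x, d, u and t formats are covered.

```python
import re

# Added illustration, not GDB source code: models how x/nfu groups bytes on a
# little-endian target. parse_spec, render and examine are hypothetical names.
UNIT_SIZES = {"b": 1, "h": 2, "w": 4, "g": 8}
FORMATS = {"x", "d", "u", "t"}  # subset of the formats listed above

# Constructed sample: 8 bytes mapped at the address used in the page's example.
BASE = 0x40451400
MEM = bytes([0x78, 0x56, 0x34, 0x12, 0xFF, 0xFF, 0xFF, 0xFF])

def parse_spec(spec):
    """Parse the text after 'x/' into (n, f, u); defaults are 1, 'x', 'w'."""
    m = re.fullmatch(r"(\d*)([a-z]*)", spec)
    if not m:
        raise ValueError(f"bad spec: {spec!r}")
    n, f, u = int(m.group(1) or 1), "x", "w"
    for ch in m.group(2):  # format and size letters may come in either order
        if ch in UNIT_SIZES:
            u = ch
        elif ch in FORMATS:
            f = ch
        else:
            raise ValueError(f"unsupported letter {ch!r} in {spec!r}")
    return n, f, u

def render(val, f, size):
    if f == "x":
        return f"0x{val:0{size*2}x}"  # zero-padded to the unit width
    if f == "t":
        return f"{val:0{size*8}b}"
    return str(val)                   # 'd' (signed) and 'u' (unsigned)

def examine(spec, addr, memory=MEM, base=BASE):
    """Return the n units that x/<spec> <addr> would display from `memory`."""
    n, f, u = parse_spec(spec)
    size = UNIT_SIZES[u]
    out = []
    for i in range(n):
        off = addr + i * size - base
        if off < 0 or off + size > len(memory):
            raise ValueError(f"cannot access memory at {addr + i * size:#x}")
        val = int.from_bytes(memory[off:off + size], "little", signed=(f == "d"))
        out.append(render(val, f, size))
    return out

if __name__ == "__main__":
    for spec in ("4xb", "2xh", "1xw", "1dw"):
        print(f"x/{spec}", examine(spec, BASE))
```

The same four bytes read as 0x78 0x56 0x34 0x12 with b units but as 0x12345678 with a w unit, which is the usual source of confusion when comparing a byte dump with a word dump.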

Modifying Memory

In order to set the variable g, use

(gdb) set var g=4

GDB allows more implicit conversions in assignments than C; you can freely store an integer value into a pointer variable or vice versa,
and you can convert any structure to any other structure that is the same length or shorter.

To store values into arbitrary places in memory, use the ‘{…}’ construct to generate a value of specified type at a specified address (see Expressions).
For example, {int}0x83040 refers to memory location 0x83040 as an integer (which implies a certain size and representation in memory), and

set {int}0x83040 = 4

stores the value 4 into that memory location.

This should work for any valid pointer, and can be cast to any appropriate data type.

set *((int *) 0xbfbb0000) = 20

For example:

# write 1 byte
set *(unsigned char *)<memaddr> = <value>
# write 2 bytes
set *(unsigned short *)<memaddr> = <value>
# write 4 bytes
set *(unsigned int *)<memaddr> = <value>
# write 8 bytes
set *(unsigned long long *)<memaddr> = <value>

or

# write 1 byte
set *(char *)<memaddr> = <value>
# write 2 bytes
set *(short *)<memaddr> = <value>
# write 4 bytes
set *(int *)<memaddr> = <value>
# write 8 bytes
set *(long long *)<memaddr> = <value>

or use

set *0xbfbb0000=20

to change a memory location directly. With no cast, GDB treats the dereferenced integer address as pointing to an int.