So I was reading Hacking the Art of Exploitation and in the book, they use the strcpy() function in their C code:
1 #include <stdio.h>2 #include <string.h>3 4 int main() {5 char str_a[20];6 7 strcpy(str_a, "Hello, world!\n");8 printf(str_a);9 }They then proceed to compile their source code and analyze it with gdb. He sets a breakpoint on line 6, the strcpy function, and line 8, but when setting a break on strcpy it reads the following:
(gdb) break strcpyFunction "strcpy" not defined.Make breakpoint pending on future shared library load? (y or [n]) yI understand that this is because the library has not yet been loaded, so it's asking if he wants to have it as a pending breakpoint. Then he runs the program and continues through the breakpoints:
Everything works well for him, but when I tried to re-create this on my computer, I get the following:
frinto@kali:~/Documents/theclang/programs/helloworld$ gcc -m32 -g -o char_array char_array.c frinto@kali:~/Documents/theclang/programs/helloworld$ gdb -q char_arrayReading symbols from char_array...done.(gdb) list1 #include <stdio.h>2 #include <string.h>3 4 int main() {5 char str_a[20];6 7 strcpy(str_a, "Hello, world!\n");8 printf(str_a);9 }(gdb) break 6Breakpoint 1 at 0x11b6: file char_array.c, line 6.(gdb) break strcpyFunction "strcpy" not defined.Make breakpoint pending on future shared library load? (y or [n]) yBreakpoint 2 (strcpy) pending.(gdb) break 8Breakpoint 3 at 0x11d7: file char_array.c, line 8.(gdb) runStarting program: /home/frinto/Documents/theclang/programs/helloworld/char_array Breakpoint 1, main () at char_array.c:77 strcpy(str_a, "Hello, world!\n");(gdb) contContinuing.Breakpoint 3, main () at char_array.c:88 printf(str_a);(gdb) contContinuing.Hello, world Notice how it completely skipped the strcpy breakpoint? Well, I asked a friend of mine what was the issue here, and he told me that I was missing the argument -fno-builtin when compiling. I did some minimal google searching on this argument and all I really understood is that it lets you set breakpoints on built-in functions. So I compiled the program with the -fno-builtin argument and then tried to re-create this again:
frinto@kali:~/Documents/theclang/programs/helloworld$ gcc -m32 -fno-builtin -g -o char_array char_array.c frinto@kali:~/Documents/theclang/programs/helloworld$ gdb -q char_arrayReading symbols from char_array...done.(gdb) list1 #include <stdio.h>2 #include <string.h>3 4 int main() {5 char str_a[20];6 7 strcpy(str_a, "Hello, world!\n");8 printf(str_a);9 }(gdb) break 6Breakpoint 1 at 0x11c6: file char_array.c, line 6.(gdb) break strcpyBreakpoint 2 at 0x1040(gdb) break 8Breakpoint 3 at 0x11dc: file char_array.c, line 8.(gdb) runStarting program: /home/frinto/Documents/theclang/programs/helloworld/char_array Breakpoint 1, main () at char_array.c:77 strcpy(str_a, "Hello, world!\n");(gdb) contContinuing.Breakpoint 2, 0xf7e510b0 in ?? () from /lib/i386-linux-gnu/libc.so.6(gdb) contContinuing.Breakpoint 3, main () at char_array.c:88 printf(str_a);(gdb) contContinuing.Hello, world Now it works! I have three questions:
- What exactly is the
-fno-builtinargument doing? - Why does it show question marks instead of the
strcpyfunction in
Breakpoint 2, 0xf7e510b0 in ?? () from /lib/i386-linux-gnu/libc.so.6
- Why doesn't it ask to set the
strcpybreakpoint as pending when I use the-fno-builtinargument?
Sorry for the long thread, I just wanted to make sure everything was understood.
