I'm trying to get the EIP value from a simple program in C but I don't
know how to do it. I need it to know the current address position on the code
segment.
main() {
long *eip;
asm("mov %%eip,%0" : "=g"(eip));
printf("%p\n", eip);
}
Unfortunately EIP is not that kind of register :P
Does anyone know how to get EIP?
--
http://www.iosn.it * Amministratore Italian Open Source Network
http://www.fyrebird.net * Fyrebird Hosting Provider - Technical Department
On Tue, 04 Jan 2005 16:18:02 +0100
Lethalman <[email protected]> wrote:
> I'm trying to get the EIP value from a simple program in C but I don't
> know how to do it. I need it to know the current address position on the
> code segment.
>
> main() {
> long *eip;
> asm("mov %%eip,%0" : "=g"(eip));
> printf("%p\n", eip);
> }
>
> Unfortunately EIP is not that kind of register :P
> Does anyone know how to get EIP?
IA-32 Intel® Architecture Software Developer's Manual
Volume 1: Basic Architecture
3.5. INSTRUCTION POINTER
[...]
The EIP register cannot be accessed directly by software; it is
controlled implicitly by control-transfer instructions (such as JMP,
Jcc, CALL, and RET), interrupts, and exceptions. The only way to read
the EIP register is to execute a CALL instruction and then read the
value of the return instruction pointer from the procedure stack. The
EIP register can be loaded indirectly by modifying the value of a return
instruction pointer on the procedure stack and executing a return
instruction (RET or IRET). See Section 6.2.4.2., "Return Instruction
Pointer".
[...]
--
Paolo Ornati
Gentoo Linux (kernel 2.6.10-cko2)
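The CALL-and-read-the-return-address technique from the manual excerpt above, as an added example that is not part of the original thread. caller_ip() uses the GCC/Clang builtin __builtin_return_address; asm_ip() does the same in inline assembly and goes beyond the thread's 32-bit case by also handling x86-64. The names caller_ip, asm_ip, probe and in_probe are made up for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* CALL pushes the return instruction pointer, so a callee that is really
 * called (noinline) can hand it back. GCC/Clang builtin, any architecture. */
__attribute__((noinline)) static uintptr_t caller_ip(void)
{
    return (uintptr_t)__builtin_return_address(0);
}

/* Inline-asm form. i386: CALL to the next instruction, then POP the pushed
 * address. x86-64: RIP-relative LEA, because a push inside inline asm would
 * overwrite the red zone below %rsp. Yields 0 on other architectures. */
static inline __attribute__((always_inline)) uintptr_t asm_ip(void)
{
    uintptr_t ip = 0;
#if defined(__i386__)
    __asm__ volatile("call 1f\n1:\tpop %0" : "=r"(ip) : : "memory");
#elif defined(__x86_64__)
    __asm__ volatile("lea 0(%%rip), %0" : "=r"(ip));
#endif
    return ip;
}

static uintptr_t seen_call, seen_asm;   /* filled in by probe() */

/* Hypothetical test subject: both reads happen inside this function. */
__attribute__((noinline)) static void probe(void)
{
    seen_call = caller_ip();
    seen_asm  = asm_ip();
}

/* True if ip falls inside the first `span` bytes of probe()'s code. */
static int in_probe(uintptr_t ip, uintptr_t span)
{
    uintptr_t start = (uintptr_t)&probe;
    return ip > start && ip - start < span;
}

int main(void)
{
    probe();
    printf("probe() starts at  %p\n", (void *)(uintptr_t)&probe);
    printf("return address     %p\n", (void *)seen_call);
    printf("asm-read EIP/RIP   %p\n", (void *)seen_asm);
    return in_probe(seen_call, 512) ? 0 : 1;
}
```

Both values point a few bytes past the start of probe(), and they change from run to run when the binary is built position-independent and ASLR is enabled.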
On Tue, 4 Jan 2005, Lethalman wrote:
> I'm trying to get the EIP value from a simple program in C but I don't know how to
> do it. I need it to know the current address position on the code segment.
>
> main() {
> long *eip;
> asm("mov %%eip,%0" : "=g"(eip));
> printf("%p\n", eip);
> }
>
> Unfortunately EIP is not that kind of register :P
> Does anyone know how to get EIP?
>
You get the offset of a label, i.e., "foo:\t movl $foo,%0\n" in the asm
code.
Cheers,
Dick Johnson
Penguin : Linux version 2.6.9 on an i686 machine (5537.79 BogoMips).
Notice : All mail here is now cached for review by Dictator Bush.
98.36% of all statistics are fiction.
linux-os wrote:
> On Tue, 4 Jan 2005, Lethalman wrote:
>
>> I'm trying to get the EIP value from a simple program in C but I don't
>> know how to do it. I need it to know the current address position on the
>> code segment.
>>
>> main() {
>> long *eip;
>> asm("mov %%eip,%0" : "=g"(eip));
>> printf("%p\n", eip);
>> }
>>
>> Unfortunately EIP is not that kind of register :P
>> Does anyone know how to get EIP?
>>
>
> You get the offset of a label, i.e., "foo:\t movl $foo,%0\n" in the asm
> code.
Or use a gcc extension, so that you don't have to write assembly code:
#include <stdio.h>

int main(int argc, char *argv[])
{
address:
	/* &&label is the GCC "labels as values" extension */
	printf("this is my address %p\n", &&address);
	return 0;
}
--
Paulo Marques - http://www.grupopie.com
"A journey of a thousand miles begins with a single step."
Lao-tzu, The Way of Lao-tzu
In article <[email protected]> you wrote:
>> I'm trying to get the EIP value from a simple program in C but I don't
> The EIP register cannot be accessed directly by software
I guess most often it is enough to get the address of a C function
printf("%p", &func);
Greetings
Bernd