Jump to registers
Fabian Cenedese
Cenedese@indel.ch
Fri Nov 14 13:52:00 GMT 2008
At 13:54 14.11.2008 +0100, Alessandro Pellegrini wrote:
>Everything's working fine except for one scenario:
>
>mov $i, %eax
>incl (%eax)
>jmp .FancyFunction
>
>The incl (%eax) is a 2 byte instruction, the instrumented code would result in:
>
>mov $i, %eax
>call MyFunction
>nopw
>
>If somewhere else in the code there is a jmp to the third line of this example (jmp .FancyFunction), eip will point in the middle of the address of the call, in the best case raising a SIGILL signal, in the worst case producing undefined behaviour.
Wouldn't it be enough to rearrange your replacement code to have the nop in the beginning? Then your jump would be at the same address again.
bye Fabi
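The layout problem in this exchange, as an added example that is not code from either poster: a small simulation that lays out the original and the two rewritten sequences by byte size and checks whether a branch aimed at the old address of the jmp still lands on an instruction boundary. The byte sizes are assumed 32-bit x86 encodings (mov $imm32,%eax = 5, incl (%eax) = 2, jmp/call rel32 = 5, nopw = 2), and the function and constant names are mine.

```python
# Added example (not from the gcc-help thread). Byte sizes are assumed
# x86-32 encodings: mov $imm32,%eax = 5, incl (%eax) = 2,
# jmp/call rel32 = 5, nopw (66 90) = 2.

ORIGINAL   = [("mov $i, %eax", 5), ("incl (%eax)", 2), ("jmp .FancyFunction", 5)]
CALL_FIRST = [("mov $i, %eax", 5), ("call MyFunction", 5), ("nopw", 2)]  # as posted
NOP_FIRST  = [("mov $i, %eax", 5), ("nopw", 2), ("call MyFunction", 5)]  # Fabi's reordering

def starts(seq):
    """Byte offset at which each instruction of `seq` begins."""
    offs, pos = [], 0
    for _, size in seq:
        offs.append(pos)
        pos += size
    return offs

def instruction_at(seq, target):
    """Name of the instruction starting exactly at `target`, or
    'inside <name>' when the offset falls in the middle of one."""
    pos = 0
    for name, size in seq:
        if pos == target:
            return name
        if pos < target < pos + size:
            return "inside " + name
        pos += size
    return None

def check_rewrite(before, after, targets):
    """Map each branch target (an offset valid in `before`) to True if it
    still begins an instruction in `after`. The rewrite must keep the
    total size, otherwise everything after it moves anyway."""
    assert sum(s for _, s in before) == sum(s for _, s in after), "size changed"
    boundaries = set(starts(after))
    return {t: t in boundaries for t in targets}

if __name__ == "__main__":
    jmp_target = starts(ORIGINAL)[2]  # an external jmp to the third line: offset 7
    for label, seq in (("call first", CALL_FIRST), ("nop first", NOP_FIRST)):
        print(label, "-> offset", jmp_target, "is", instruction_at(seq, jmp_target),
              check_rewrite(ORIGINAL, seq, [jmp_target]))
```

With the call first, offset 7 falls two bytes into the 5-byte call (the SIGILL case); with the nopw first, the call starts at offset 7 and the external jump is valid again.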