Reputation: 321
0x08048c62 <+0>: sub $0x2c,%esp
0x08048c65 <+3>: lea 0x1c(%esp),%eax
0x08048c69 <+7>: mov %eax,0xc(%esp)
0x08048c6d <+11>: lea 0x18(%esp),%eax
0x08048c71 <+15>: mov %eax,0x8(%esp)
0x08048c75 <+19>: movl $0x804a73d,0x4(%esp)
0x08048c7d <+27>: mov 0x30(%esp),%eax
0x08048c81 <+31>: mov %eax,(%esp)
0x08048c84 <+34>: call 0x80488d0 <__isoc99_sscanf@plt>
=> 0x08048c89 <+39>: cmp $0x1,%eax
How do I print out what is at $0x1 in the last instruction?
I tried all combinations
x/d 0x1
x/d $0x1
x/s $0x1
...
...
But I either get error: Cannot access memory at address 0x1, or Value can't be converted to integer (even when I try changing type to c,s,x,a)
Ultimately, I'm trying to find out the arguments passed to scanf, i.e., "%d %d %c"
Upvotes: 2
Views: 4113
Reputation: 58812
The $1 there is an immediate value, it's just the number 1. It's not an address. It's checking the return value of sscanf, that is the number of items processed. The converted values are of course placed in memory at the pointers that have been passed to sscanf as arguments.
In your example, the format string is at 0x804a73d, you should be able to print that using x/s 0x804a73d.
The code is using mov to put items on the stack instead of push for efficiency reasons. You can see the arguments at the proper offsets on the stack. They start at (%esp) and each is 4 bytes:
1st argument (the string to read from):
0x08048c7d <+27>: mov 0x30(%esp),%eax
0x08048c81 <+31>: mov %eax,(%esp)
2nd argument (the format string):
0x08048c75 <+19>: movl $0x804a73d,0x4(%esp)
3rd argument (1st output pointer):
0x08048c6d <+11>: lea 0x18(%esp),%eax
0x08048c71 <+15>: mov %eax,0x8(%esp)
4th argument (2nd output pointer):
0x08048c65 <+3>: lea 0x1c(%esp),%eax
0x08048c69 <+7>: mov %eax,0xc(%esp)
Upvotes: 4
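An added example, not part of the original question or answer: a small Python sketch that automates the walk-through above for the listing in the question, mapping each store to N(%esp) before the call to argument number N/4 + 1. The function name `call_arguments` and the descriptive strings are illustrative, and it handles only the mov/lea forms that appear in this listing.

```python
import re

# Disassembly copied from the question (gdb output, AT&T syntax, 32-bit x86).
LISTING = """\
0x08048c62 <+0>: sub $0x2c,%esp
0x08048c65 <+3>: lea 0x1c(%esp),%eax
0x08048c69 <+7>: mov %eax,0xc(%esp)
0x08048c6d <+11>: lea 0x18(%esp),%eax
0x08048c71 <+15>: mov %eax,0x8(%esp)
0x08048c75 <+19>: movl $0x804a73d,0x4(%esp)
0x08048c7d <+27>: mov 0x30(%esp),%eax
0x08048c81 <+31>: mov %eax,(%esp)
0x08048c84 <+34>: call 0x80488d0 <__isoc99_sscanf@plt>
=> 0x08048c89 <+39>: cmp $0x1,%eax
"""

INSN = re.compile(r"<\+\d+>:\s+(\w+)\s+(.*)$")   # mnemonic, operand string
SLOT = re.compile(r"^(0x[0-9a-f]+)?\(%esp\)$")   # N(%esp) or (%esp)


def call_arguments(listing):
    """Map argument number -> what was stored in its stack slot before the call."""
    eax = None   # symbolic description of the current contents of %eax
    args = {}
    for line in listing.splitlines():
        m = INSN.search(line)
        if not m:
            continue
        op, operands = m.groups()
        if op == "call":
            break                                  # arguments are complete here
        src, dst = operands.rsplit(",", 1)         # AT&T order: source, destination
        if dst == "%eax":
            # lea loads an address; mov from memory loads the value stored there
            eax = ("address of " if op == "lea" else "value at ") + src
            continue
        slot = SLOT.match(dst)
        if slot and op.startswith("mov"):
            offset = int(slot.group(1) or "0", 16)
            if src.startswith("$"):
                value = "immediate " + src[1:]     # e.g. the format string address
            else:
                value = eax if src == "%eax" else src
            args[offset // 4 + 1] = value          # each cdecl slot is 4 bytes
    return dict(sorted(args.items()))


if __name__ == "__main__":
    for number, value in call_arguments(LISTING).items():
        print(f"arg {number}: {value}")
```

At the breakpoint shown in the question the same four slots can be dumped live with `x/4xw $esp`, and `x/s *(char **)($esp + 4)` follows the second slot to the format string.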