ebdavis
Reputation: 125
What am I doing wrong with my use of the GDB 'find' command?
First, the bit of memory I'm looking at:
(gdb) x/8x 0x108df0
0x108df0: 0x36393735 0x2d007d37 0x65707974 0x6574203a
0x108e00: 0x702f7478 0x6e69616c 0x6863203b 0x65737261
Now, running find for word-sized chunks of memory works:
(gdb) find /w 0x108df0, +500, 0x6863203b, 0x65737261
0x108e08
0x108e58
2 patterns found.
However, running what I think should be the same command in terms of bytes does not:
find /b 0x108df0, +500, 0x68, 0x63, 0x20, 0x3b, 0x65, 0x73, 0x72, 0x61
Pattern not found
find /b1 0x108df0, +500, 0x68, 0x63, 0x20, 0x3b, 0x65, 0x73, 0x72, 0x61
Pattern not found
Similarly, looking for giant words also doesn't work:
find /g 0x108df0, +500, 0x6863203b65737261
Pattern not found
Does anyone have any advice for what I'm doing wrong here? (I'm doing this through the python API, in case that's relevant?)
Upvotes: 1
Views: 366
Answers (1)
Employed Russian
Reputation: 213754
You are likely performing this exercise on a little-endian machine.
Try reversing the bytes:
find /b 0x108df0, +500, 0x3b, 0x20, 0x63, 0x68, 0x61, 0x72, 0x73, 0x65
Upvotes: 1
Related Questions
- gdb list error "No such file or directory"
- GDB 'find' command terminating early
- gdb: unknown target exception
- gdb backtrace of a core file prints error "no such file or directory"
- gdb debugger accessing files that are not found
- GDB not understands code
- GDB find command error "warning: Unable to access x bytes of target memory at y, halting search"
- GDB's find function doesn't find all occurences of the pattern
- GDB doesn't find sources
- GDB: Print files that are recognised