'GDB : Address size 5 bytes?

I'm using GDB for binary exploitation. I injected address 0x55619d84 for my return value to inject shellcode.

Here is where I am

(gdb) disas
Dump of assembler code for function getbuf:
   0x0000000000401b91 <+0>: sub    $0x38,%rsp
   0x0000000000401b95 <+4>: mov    %rsp,%rdi
   0x0000000000401b98 <+7>: call   0x401ddc <Gets>
   0x0000000000401b9d <+12>:    mov    $0x1,%eax
   0x0000000000401ba2 <+17>:    add    $0x38,%rsp
=> 0x0000000000401ba6 <+21>:    ret

Here is how my stack looks

(gdb) x/20x $rsp
0x55619d80: 0x55619d84  0x000000cc  0x00000009  0x00000000
0x55619d90: 0x0040226c  0x00000000  0x00000000  0x00000000
0x55619da0: 0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4
0x55619db0: 0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4
0x55619dc0: 0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4  0xf4f4f4f4

I injected 0x55619d84 as the return address, then I injected 0x000000cc (shellcode for breakpoint to see if it works).

To my surprise, address size is 10 bytes :

(gdb) x/a $rsp
0x55619d80: 0xcc55619d84

and program will jump to 0xcc55619d84 (SEGFAULT) instead of 0x55619d84.

What's wrong ? Thanks

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution	Source

'GDB : Address size 5 bytes?

Sources

Related Questions