More gdb tricks

Looking at the bomblab_warmup on cs

  $ ssh cs.marlboro.edu
  $ cd /var/www/cs/htdocs/courses/spring2013/systems/code/bomblab_warmup/
  $ more bomblab_warmup.c
  Permission denied                  # Nope: can't look at the source.
  $ ./bomblab_warmup                 # Try to run it? Hmmm.
  1: What is the magic word? help?
  BOOM!
  $ gdb bomblab_warmup               # So we check out the binary.
  (gdb) start

Getting a handle on control flow and function names:

  (gdb) info functions
  (gdb) disas main
  (gdb) disas thing1
  (gdb) disas thing2
  (gdb) disas f

Call a function and print its return value (this actually executes it!),
if you can figure out its return type and arguments:

  (gdb) print (int) f(10)

Print data at an address (using mostly C notation). Here the "int*" says to
treat the address as a pointer to an int, and the leading * follows that
pointer, so the value there is printed as an int:

  (gdb) print *(int*)(0x08048403)

Print the value of a register:

  (gdb) print $esp

Or follow the pointer and print what's there:

  (gdb) print *$esp

Set data at memory locations (mostly C notation):

  (gdb) set *(int*)0x08048403 = 0x1      # change 4 bytes
  (gdb) set *(char*)0x08048403 = 'a'     # change 1 byte
  (gdb) set *$esp = 1234                 # change 4 bytes on stack
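As an added illustration (not part of the course notes), this C program mimics the three gdb forms above in ordinary memory: a constructed 4-byte `slot` stands in for the bytes at an address like 0x08048403, and the hypothetical `poke_int`, `poke_char` and `peek_int` play the roles of `set *(int*)`, `set *(char*)` and `print *(int*)`. It shows why the 1-byte and 4-byte forms differ and how the result depends on byte order.

```c
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the 4 bytes gdb would touch at some address. */
static unsigned char slot[4];

/* print *(int*)ADDR : read the 4 bytes as one int.
 * memcpy avoids the alignment/aliasing trouble a raw cast could cause. */
uint32_t peek_int(void) {
    uint32_t v;
    memcpy(&v, slot, sizeof v);
    return v;
}

/* set *(int*)ADDR = value : all 4 bytes are rewritten. */
uint32_t poke_int(uint32_t value) {
    memcpy(slot, &value, sizeof value);
    return peek_int();
}

/* set *(char*)ADDR = c : only the first byte changes; the other three
 * keep whatever was there, which is the whole point of the 1-byte form. */
uint32_t poke_char(unsigned char c) {
    slot[0] = c;
    return peek_int();
}

/* 1 if the low-order byte is stored first (little-endian), as on the x86
 * machine in the notes, where $esp exists. */
int host_is_little_endian(void) {
    uint32_t one = 1;
    unsigned char first;
    memcpy(&first, &one, 1);
    return first == 1;
}

int main(void) {
    poke_int(0x1);    /* little-endian slot is now 01 00 00 00 */
    poke_char('a');   /* first byte becomes 0x61, so the int reads 0x61 */
    return peek_int() == 0x61 ? 0 : 1;
}
```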