I encounter a problem when reading information dumped out from an executable file in linux. The information is as follows:
804a0ea: 04 08 add $0x8, %al
...
804a0f4: a6 cmpsb %es:(%edi),%ds:(%esi)
I have two questions:
Thanks in advance.
More information around this part of code:
Disassembly of section .got.plt:
0804a0e8 <_GLOBAL_OFFSET_TABLE_>:
804a0e8: 14 a0 adc $0xa0,%al
804a0ea: 04 08 add $0x8,%al
...
804a0f4: a6 cmpsb %es:(%edi),%ds:(%esi)
804a0f5: 87 04 08 xchg %eax,(%eax,%ecx,1)
804a0f8: b6 87 mov $0x87,%dh
804a0fa: 04 08 add $0x8,%al
804a0fc: c6 87 04 08 d6 87 04 movb $0x4,-0x7829f7fc(%edi)
804a103: 08 e6 or %ah,%dh
804a105: 87 04 08 xchg %eax,(%eax,%ecx,1)
804a108: f6 87 04 08 06 88 04 testb $0x4,-0x77f9f7fc(%edi)
804a10f: 08 16 or %dl,(%esi)
804a111: 88 04 08 mov %al,(%eax,%ecx,1)
804a114: 26 88 04 08 mov %al,%es:(%eax,%ecx,1)
804a118: 36 88 04 08 mov %al,%ss:(%eax,%ecx,1)
804a11c: 46 inc %esi
Hope anyone can give me a hand.:-)
The global offset table is not pointing to code, it's pointing to data (hrm... offsets, actually). So trying to disassemble it will not give very meaningful code. (you can actually find which offsets by looking at the code values. 0804a014, ... 080487a6).
The ... usually mean a bunch of 0's are in the stream.