-1

I have a .c file containing the following code:

void func(){
    char* string = "hello";
}

which i compile and link using

i386-elf-gcc -ffreestanding -c pointers.c -o pointers.o
i386-elf-ld -o pointers.bin -Ttext 0x0 --oformat binary pointers.o

and then disassemble using ndisasm -b 32 pointers.bin. This yields:

00000000  55                push ebp
00000001  89E5              mov ebp,esp
00000003  83EC10            sub esp,byte +0x10
00000006  C745FC0F000000    mov dword [ebp-0x4],0xf
0000000D  C9                leave
0000000E  C3                ret
0000000F  68656C6C6F        push dword 0x6f6c6c65
00000014  0000              add [eax],al
00000016  0000              add [eax],al
00000018  1400              adc al,0x0
0000001A  0000              add [eax],al
0000001C  0000              add [eax],al
0000001E  0000              add [eax],al
00000020  017A52            add [edx+0x52],edi
00000023  0001              add [ecx],al
00000025  7C08              jl 0x2f
00000027  011B              add [ebx],ebx
00000029  0C04              or al,0x4
0000002B  0488              add al,0x88
0000002D  0100              add [eax],eax
0000002F  001C00            add [eax+eax],bl
00000032  0000              add [eax],al
00000034  1C00              sbb al,0x0
00000036  0000              add [eax],al
00000038  C8FFFFFF          enter 0xffff,0xff
0000003C  0F0000            sldt [eax]
0000003F  0000              add [eax],al
00000041  41                inc ecx
00000042  0E                push cs
00000043  088502420D05      or [ebp+0x50d4202],al
00000049  4B                dec ebx
0000004A  C50C04            lds ecx,[esp+eax]
0000004D  0400              add al,0x0
0000004F  00                db 0x00

The top 7 lines clearly correspond to the c code shown above. However, what is the use of all the stuff after line 7? Examining the bin using xxd does not show intelligible text, so they don't seem to be comments. Is it related to my compiler/linker options?

Anton Quelle
  • 131
  • 6
  • 1
    compile with optimization enabled if you want the actual code for your function to not suck. The function does nothing so it should be optimized to just a `ret`. – Peter Cordes Dec 13 '18 at 03:53

1 Answers1

3
0000000F  68656C6C6F        push dword 0x6f6c6c65

68 65 6c 6c 6f is the string "hello", from the .rodata section of the object file. The disassembly is nonsense.

The rest of the data you're looking at is the contents of the .eh_frame section. This data is used for exception handling, although in this case it's unused. As with the .rodata section, the disassembly of this data is nonsense.

You can view the contents of these sections -- as well as a few other sections that weren't copied to the output file -- by running objdump -D pointers.o.

To better control the format of your binary output, you can write a linker script.