1

I am working some binary code analysis and reverse engineering task on x86 32-bit Ubuntu 14.04. I am using g++ 4.8.4 to compile the C++ program.

I am wondering whether it is possible to prevent compiler from using segment registers. For example, gs.

An example of the usage is like below:

mov    %gs:0x8,%ebx

I am aware that some segment registers are used for stack canary checking. However, even if I have disabled such checking (-fno-stack-protector), still, there are quite a lot of usages for segment registers...

Peter Cordes
  • 328,167
  • 45
  • 605
  • 847
lllllllllllll
  • 8,519
  • 9
  • 45
  • 80
  • 2
    Do you have some example code? You could then try out a few permutations on [godbolt](https://gcc.godbolt.org/). – Kerrek SB Sep 08 '16 at 22:48
  • 3
    If this is x86-32, it's also used for accessing thread local storage as part of the ELF ABI. I wrote an [answer](http://stackoverflow.com/questions/24793556/addresses-of-thread-local-storage-variables/24795148#24795148) on TLS addressing. – Brett Hale Sep 09 '16 at 00:17
  • 2
    What do you mean "quite a lot of usages"? Are most of them the default segment register for the operation, and just being shown by the disassembler? e.g. [`%es:(%edi)` for STOS?](http://www.felixcloutier.com/x86/STOS:STOSB:STOSW:STOSD:STOSQ.html)? If so, there aren't segment override prefixes in your code, it's just your disassembler being verbose. Look at the compiler's asm output (`gcc -O3 -S`) instead: http://stackoverflow.com/questions/38552116/how-to-remove-noise-from-gcc-clang-assembly-output – Peter Cordes Sep 09 '16 at 00:40

0 Answers0