
I'm currently debugging a simple c program, and was wondering about this assembly comparison:

cmpl $0x1d,-0xc(%ebp)

From what I gather, this is checking 29 against a location in memory.

How do I access this in gdb with the print or x commands? Is it as simple as looking at the location provided by ebp then moving 12 bits/bytes along or am I completely on the wrong track?

2 Answers


It is indeed comparing 29 with the location in memory that is offset 12 before ebp. Assuming the program you are disassembling uses frame pointers, it's reading a local variable off the stack, probably the first one. (Although the compiler is free to place them in any order.)

If it's not using frame pointers, disassemble the surrounding code and figure out what assigns ebp.


Yes, that's cmp with an immediate and a memory operand. And yes, the effective address used to load the memory operand is ebp - 12 bytes.


In gdb, $ebp gives you the contents of the ebp register as a value you can use in an expression. So you can do stuff like:

p $ebp-0xc          # print the address
p *(int*)($ebp-0xc) # dereference it as an int*

x /4db  $ebp-0xc    # dump 4 8bit bytes (b) with %d formatting

Printing a char* prints the null-terminated string as well as the address, so you can do something like:

(gdb) p (char*)0x0804980B
$20 = 0x804980b "giants"

Of course, the address can be an expression involving a register value.
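As an added illustration of the translation this answer describes (not part of the original post), the helper below turns an AT&T memory operand such as `-0xc(%ebp)` into the effective address and the equivalent gdb `p`/`x` expressions. It also handles the general base+index*scale+disp form, of which the question's operand is the simplest case; register values and the `0xbffff0a0` frame pointer are constructed sample inputs.

```python
import re

# AT&T memory operand: disp(base,index,scale); every component is optional.
_OPERAND_RE = re.compile(
    r'^(?P<disp>-?(?:0x[0-9a-fA-F]+|\d+))?'
    r'\((?:%(?P<base>\w+))?(?:,%(?P<index>\w+)(?:,(?P<scale>[1248]))?)?\)$'
)


def parse_att_operand(operand):
    """Return (displacement, base, index, scale) for an AT&T memory operand."""
    m = _OPERAND_RE.match(operand.strip())
    if not m:
        raise ValueError(f"not an AT&T memory operand: {operand!r}")
    disp = int(m.group('disp'), 0) if m.group('disp') else 0  # base 0: hex or decimal
    return disp, m.group('base'), m.group('index'), int(m.group('scale') or 1)


def effective_address(operand, regs):
    """Compute the 32-bit address the operand refers to, given register values."""
    disp, base, index, scale = parse_att_operand(operand)
    addr = disp
    if base:
        addr += regs[base]
    if index:
        addr += regs[index] * scale
    return addr & 0xFFFFFFFF


def gdb_address_expr(operand):
    """Build the gdb expression for the address, e.g. '$ebp-0xc'."""
    disp, base, index, scale = parse_att_operand(operand)
    terms = [f'${base}'] if base else []
    if index:
        terms.append(f'${index}*{scale}' if scale != 1 else f'${index}')
    expr = '+'.join(terms)
    if disp or not terms:
        # '+#x' formats the sign and the 0x prefix: -12 -> '-0xc', 8 -> '+0x8'
        expr += format(disp, '+#x') if terms else format(disp, '#x')
    return expr


def gdb_commands(operand, ctype='int', nbytes=4):
    """gdb commands to print the value as ctype and to dump its raw bytes."""
    addr = gdb_address_expr(operand)
    return [f'p *({ctype}*)({addr})', f'x /{nbytes}db {addr}']


if __name__ == '__main__':
    regs = {'ebp': 0xbffff0a0}  # constructed sample frame pointer
    print(hex(effective_address('-0xc(%ebp)', regs)))
    print('\n'.join(gdb_commands('-0xc(%ebp)')))
```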
