1 #include <stdio.h> 2 #include <stdlib.h> 3 #include <stdint.h> 4 5 6 // Note: The first instruction stands for ldr, which loads the data from 7 // memory to the specified register. Notice that due to the pipeline design, 8 // when ldr is executed, the program will be advanced by 8. So, to get our 9 // address we should substract it by 4. 10 11 uint32_t stub[] = { 12 0xe51ff004ul, // ldr pc, [pc, #-4] 13 0x00000000ul // address 14 }; 15 16 int test() { 17 printf("hello world!\n"); 18 return 5; 19 } 20 21 int main() { 22 int (*f)() = (int (*)())stub; 23 stub[1] = (uint32_t)(uintptr_t)test; 24 25 printf("return = %d\n", f()); 26 return EXIT_SUCCESS; 27 } 28
