GOT address of libc

[stdnoerr]

What does it mean by GOT address of libc in one_gadget's output?
E.g>
`
0x3d123 execve("/bin/sh", esp+0x34, environ)
constraints:
esi is the GOT address of libc
[esp+0x34] == NULL

0x3d125 execve("/bin/sh", esp+0x38, environ)
constraints:
esi is the GOT address of libc
[esp+0x38] == NULL

0x3d129 execve("/bin/sh", esp+0x3c, environ)
constraints:
esi is the GOT address of libc
[esp+0x3c] == NULL

0x3d130 execve("/bin/sh", esp+0x40, environ)
constraints:
esi is the GOT address of libc
[esp+0x40] == NULL

0x67b4f execl("/bin/sh", eax)
constraints:
esi is the GOT address of libc
eax == NULL

0x67b50 execl("/bin/sh", [esp])
constraints:
esi is the GOT address of libc
[esp] == NULL

0x1380be execl("/bin/sh", eax)
constraints:
ebx is the GOT address of libc
eax == NULL

0x1380bf execl("/bin/sh", [esp])
constraints:
ebx is the GOT address of libc
[esp] == NULL
`

[david942j]

Hi @stdnoerr ,

You can find information on my blog (https://david942j.blogspot.com/2017/02/project-one-gadget-in-glibc.html), search for "Data access method".

Thanks ;)

[stdnoerr]

Hey. Well it turned out that GOT address of libc means start of rw section of libc.
Btw, thanks for the response. (I found it myself)

[GionnyBearThaRealHe]

I was stuck on this same problem for a while and in the end the solution was just to leave esi untouched, it is the right value in the main and if you are luky other functions won't permanently change it