Different buffer length in gdb


I am trying to exploit the following program:

#include <string.h>

int main(int argc, char *argv[]) {
    char little_array[512];
    if (argc > 1)
        strcpy(little_array, argv[1]);   // unbounded copy: argv[1] longer than 512 bytes overflows the array
    return 0;
}

I want to first find the buffer length in order to overflow the stack so I use

(gdb) x/20xw $esp-532
0xffffcda8:     0x00000001      0x00000000      0x41414141      0x41414141
0xffffcdb8:     0x41414141      0x41414141      0x41414141      0x41414141
0xffffcdc8:     0x00000041      0xf7fe6b8c      0xf7ffd000      0x00000000
0xffffcdd8:     0xffffce98      0xf7fe70db      0xf7ffdaf0      0xf7fd8e08
0xffffcde8:     0x00000001      0x00000001      0x00000000      0xf7ff55ac
(gdb) 

And I find the address (since I ran it with 'AAAA'), so the address is 0xffffcdaa. I'm running a 64-bit system with ASLR disabled. And I defined the buffer as 512 bytes long.

And I get

(gdb) p 0xffffddf0 - 0xffffcdaa
$1 = 4166
(gdb) 

How can this be? Does it have something to do with my 64-bit system? I'm trying to follow an old book and can't really find anything better.

I used this program to find the starting point:

// find_start.c
#include <stdio.h>

unsigned long find_start(void)
{
    // Relies on eax being the return register; on x86_64 this copies only
    // the low 32 bits of rsp.
    __asm__("movl %esp, %eax");
}

int main(void)
{
    printf("0x%x\n", find_start());   // "%x" also prints only 32 bits
    return 0;
}

(When this program is compiled with the -m32 flag, its output gives me a starting point that yields a slightly better result, 574, but it is still too far.)

Tags: c, gdb, buffer, overflow
asked on Stack Overflow Oct 29, 2015 by wiz • edited Oct 29, 2015 by SergA
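An added example (not from the question or any answer) showing why the 32-bit find_start reports a misleading value on a 64-bit build, and how far a 512-byte local buffer actually sits from the function's frame pointer. The function names are assumptions, and the measured distance varies by compiler, flags and stack protector settings.

```c
#include <stdint.h>
#include <stdio.h>
#include <inttypes.h>

/* Full-width stack pointer. On x86_64 the register is rsp, so a 64-bit move
   is required; 'movl %esp, %eax' copies only the low 32 bits. */
uintptr_t find_start(void)
{
    uintptr_t sp;
#if defined(__x86_64__)
    __asm__ volatile ("mov %%rsp, %0" : "=r"(sp));
#elif defined(__i386__)
    __asm__ volatile ("mov %%esp, %0" : "=r"(sp));
#else
    sp = (uintptr_t)__builtin_frame_address(0);   /* portable fallback */
#endif
    return sp;
}

/* What the question's version effectively reports on a 64-bit build:
   the stack pointer truncated to 32 bits, then printed with "%x". */
uint32_t find_start_truncated(void)
{
    return (uint32_t)find_start();
}

/* Distance in bytes from the start of a 512-byte local buffer to this
   function's frame pointer (where the saved frame pointer lives).
   It exceeds 512 because the compiler adds alignment padding, saved
   registers and, if enabled, a stack canary; the exact number depends on
   compiler and flags, which is why a hard-coded 512, or a value measured
   in a different binary, does not match what gdb shows. */
size_t frame_distance_from_buffer(void)
{
    volatile char little_array[512];   /* volatile: keep it on the stack */
    little_array[0] = 'A';
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    return (size_t)(frame - (uintptr_t)little_array);
}

int main(void)
{
    printf("full stack pointer : 0x%" PRIxPTR "\n", find_start());
    printf("truncated (32-bit) : 0x%" PRIx32 "\n", find_start_truncated());
    printf("buffer -> frame    : %zu bytes\n", frame_distance_from_buffer());
    return 0;
}
```

Compile once with and once without -m32 (and with -fstack-protector on or off) to see the distance change while the buffer declaration stays 512.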

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0