lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

* Sean Conner:

> It was thus said that the Great Florian Weimer once stated:
>> * Sean Conner:
>> >   I just tested Linux 2.6.9 and 2.6.35, and yes, both will randomize the
>> > base stack address, but not necessarily library function addresses:
>> Oh, I think those are PLT addresses, then.
>> dlsym(RTLD_DEFAULT, "srand") returns a randomized
>> address, but the PLT address is constant (unless you
>> compile with -fPIE or as a dynamic shared object).
>   Yes and no.  Linux 64 bit, the address changes, but only if you
> don't reference srand() before pulling it from dlsym().  On 32 bit
> Linux, and [...] the address never changes.

I can't reproduce either aspect.

This is not too surprising---there are multiple randomization
implementations, with slightly differing behaviors.  I'm a bit
astonished that the system I'm using (stock Debian squeeze) is
randomizing at all.

>   -spc (And even when it does change on 64-bit Linux, the upper 16 bits and
> 	lower 12 never change ... )

Pointers are actually 48 bits only (and the hardware may support even
less in terms of concrete address space layout).  The lower 12 bits
are the intra-page offset, which cannot be changed without rewriting
the page after it comes from disk.  mmap on Linux only supports offset
which are multiples of the page size, which is somewhat