
How to stop address space layout randomization from interfering with debugging

source link: https://www.lujun9972.win/blog/2018/10/27/%E5%A6%82%E4%BD%95%E7%A6%81%E6%AD%A2%E5%9C%B0%E5%9D%80%E7%A9%BA%E9%97%B4%E5%B8%83%E5%B1%80%E9%9A%8F%E6%9C%BA%E5%8C%96%E5%AF%B9%E8%B0%83%E8%AF%95%E5%B8%A6%E6%9D%A5%E7%9A%84%E5%BD%B1%E5%93%8D/index.html

Learned from "Effective Debugging"; writing it down here.

Modern Linux kernels load a program at a random memory location each time it runs, to defeat code-injection attacks that rely on buffer overflows.

For example, the following program prints the addresses of its own stack, heap, code and data:

#include <stdio.h>
#include <stdlib.h>

int z;
int i=1;
const int c=1;

int main(int argc, char *argv[])
{
  printf("Stack:\t%p\n", (void*)&argc);
  printf("heap:\t%p\n", (void*) malloc(1));
  printf("code:\t%p\n", (void*) main);
  printf("data:\t%p (zero)\n", (void*) &z);
  printf("data:\t%p (initialized)\n", (void*) &i);
  printf("data:\t%p (constant)\n", (void*) &c);
  return 0;
}

Output of the first run:

Stack:  0x7ffde6f8cf9c
heap:   0x55ca3fd9d270
code:   0x55ca3ee95149
data:   0x55ca3ee98040 (zero)
data:   0x55ca3ee98038 (initialized)
data:   0x55ca3ee96004 (constant)

Output of the second run:

Stack:  0x7ffebd2eb6ec
heap:   0x55a72ae36270
code:   0x55a72ae04149
data:   0x55a72ae07040 (zero)
data:   0x55a72ae07038 (initialized)
data:   0x55a72ae05004 (constant)

This address space layout randomization (ASLR), however, can get in the way of debugging: for instance, pointer values we noted down during one run are no longer valid in the next.

To disable ASLR, run the program like this:

setarch $(uname -m) -R myprogram
# here -R is short for --addr-no-randomize
# Disables randomization of the virtual address space.  Turns on ADDR_NO_RANDOMIZE.
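As an added example (not code from the original post), here is what setarch -R does underneath: it sets the ADDR_NO_RANDOMIZE flag in the process persona via personality(2), and the flag is inherited across exec. The program below reports the system-wide /proc/sys/kernel/randomize_va_space setting and the flag for the current process, and, when given a command, sets the flag and execs it like a minimal setarch. The file name noaslr in the comment is assumed; Linux only.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/personality.h>

/* System-wide knob: 0 = off, 1 = stack/mmap, 2 = also brk (default); -1 if unreadable. */
int system_aslr_level(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int level = -1;
    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &level) != 1)
        level = -1;
    fclose(f);
    return level;
}

/* 1 if this process carries ADDR_NO_RANDOMIZE (the flag setarch -R sets), 0 if not,
   -1 on error. personality(0xffffffff) queries the persona without changing it. */
int aslr_disabled_for_this_process(void)
{
    int persona = personality(0xffffffff);
    if (persona == -1) return -1;
    return (persona & ADDR_NO_RANDOMIZE) ? 1 : 0;
}

/* Add ADDR_NO_RANDOMIZE to the persona. It survives exec, so children get a fixed
   layout; this process's own mappings are already placed and do not move. */
int disable_aslr_for_children(void)
{
    int persona = personality(0xffffffff);
    if (persona == -1 || personality(persona | ADDR_NO_RANDOMIZE) == -1)
        return -1;
    return 0;
}

int main(int argc, char *argv[])
{
    printf("randomize_va_space: %d\n", system_aslr_level());
    printf("ADDR_NO_RANDOMIZE:  %d\n", aslr_disabled_for_this_process());
    if (argc < 2) return 0;               /* report only */
    if (disable_aslr_for_children() != 0) {
        perror("personality");
        return 1;
    }
    execvp(argv[1], &argv[1]);            /* e.g. ./noaslr ./myprogram (assumed name) */
    perror("execvp");
    return 1;
}
```

Run it twice under itself (./noaslr ./myprogram) and the addresses printed by the program above come out identical, which is exactly what setarch -R achieves.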
