ASLR implementation
https://stackoverflow.com/questions/4593910
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianسؤال
I just read about how ASLR helps in preventing buffer overflow attacks and would like to have a look at its implementation.
Could someone offer a few pointers on where I could start looking? I would also love it if you could point me towards more reading material related to the same.
المحلول
The implementation can naturally be found in the Linux kernel source tree. Even just grepping for.. randomize_va_space will turn up enough results to start on.
In the elf loader #ifdef arch_randomize_brk -> arch_randomize_brk -> randomize_range
نصائح أخرى
How to use?
https://lkml.org/lkml/2010/11/30/110
What is that?
http://en.wikipedia.org/wiki/Address_space_layout_randomization
Why?
To prevent 2 types of attack:
http://en.wikipedia.org/wiki/Return-to-libc_attack
http://en.wikipedia.org/wiki/Return-oriented_programming
because both attack assumed your code area if fixed in memory.
