2008-06-17 16:24:16 +00:00
|
|
|
2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
|
|
|
|
|
|
|
|
* configure.ac: Add check for HAVE_PERSONALITY and
|
|
|
|
HAVE_DECL_ADDR_NO_RANDOMIZE.
|
|
|
|
* configure, config.in: Regenerate.
|
|
|
|
* fork-child.c: New include <errno.h>.
|
|
|
|
[HAVE_PERSONALITY]: New include <sys/personality.h>.
|
|
|
|
[HAVE_PERSONALITY] (set_disable_randomization): New function.
|
|
|
|
(disable_randomization, show_disable_randomization): New.
|
|
|
|
(fork_inferior) [HAVE_PERSONALITY] [!HAVE_DECL_ADDR_NO_RANDOMIZE]: Set
|
|
|
|
ADDR_NO_RANDOMIZE.
|
|
|
|
(fork_inferior) [HAVE_PERSONALITY]: Disable randomization upon the
|
|
|
|
variable DISABLE_RANDOMIZATION.
|
|
|
|
(_initialize_fork_child): Call ADD_SETSHOW_BOOLEAN_CMD for the variable
|
|
|
|
DISABLE_RANDOMIZATION.
|
|
|
|
|
|
|
|
2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
|
|
|
|
|
|
|
|
* gdb.texinfo (Starting): Document "set disable-randomization".
|
|
|
|
|
|
|
|
2008-06-08 Jan Kratochvil <jan.kratochvil@redhat.com>
|
|
|
|
|
|
|
|
* gdb.base/randomize.exp, gdb.base/randomize.c: New files.
|
|
|
|
|
|
|
|
[ Ported for Fedora GDB. ]
|
|
|
|
|
2008-07-14 09:09:04 +00:00
|
|
|
Index: gdb-6.8/gdb/config.in
|
|
|
|
===================================================================
|
|
|
|
--- gdb-6.8.orig/gdb/config.in 2008-07-14 10:27:27.000000000 +0200
|
|
|
|
+++ gdb-6.8/gdb/config.in 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -64,6 +64,10 @@
|
|
|
|
/* Define to 1 if you have the <curses.h> header file. */
|
|
|
|
#undef HAVE_CURSES_H
|
|
|
|
|
|
|
|
+/* Define to 1 if you have the declaration of `ADDR_NO_RANDOMIZE', and to 0 if
|
|
|
|
+ you don't. */
|
|
|
|
+#undef HAVE_DECL_ADDR_NO_RANDOMIZE
|
|
|
|
+
|
|
|
|
/* Define to 1 if you have the declaration of `free', and to 0 if you don't.
|
|
|
|
*/
|
|
|
|
#undef HAVE_DECL_FREE
|
|
|
|
@@ -203,6 +207,9 @@
|
|
|
|
/* Define to 1 if you have the <nlist.h> header file. */
|
|
|
|
#undef HAVE_NLIST_H
|
|
|
|
|
|
|
|
+/* Define if you support the personality syscall. */
|
|
|
|
+#undef HAVE_PERSONALITY
|
|
|
|
+
|
|
|
|
/* Define to 1 if you have the `poll' function. */
|
|
|
|
#undef HAVE_POLL
|
|
|
|
|
|
|
|
Index: gdb-6.8/gdb/configure
|
|
|
|
===================================================================
|
|
|
|
--- gdb-6.8.orig/gdb/configure 2008-07-14 10:27:27.000000000 +0200
|
|
|
|
+++ gdb-6.8/gdb/configure 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -22911,6 +22911,188 @@ _ACEOF
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
+echo "$as_me:$LINENO: checking whether ADDR_NO_RANDOMIZE is declared" >&5
|
|
|
|
+echo $ECHO_N "checking whether ADDR_NO_RANDOMIZE is declared... $ECHO_C" >&6
|
|
|
|
+if test "${ac_cv_have_decl_ADDR_NO_RANDOMIZE+set}" = set; then
|
|
|
|
+ echo $ECHO_N "(cached) $ECHO_C" >&6
|
|
|
|
+else
|
|
|
|
+ cat >conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* confdefs.h. */
|
|
|
|
+_ACEOF
|
|
|
|
+cat confdefs.h >>conftest.$ac_ext
|
|
|
|
+cat >>conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* end confdefs.h. */
|
|
|
|
+#include <sys/personality.h>
|
|
|
|
+
|
|
|
|
+int
|
|
|
|
+main ()
|
|
|
|
+{
|
|
|
|
+#ifndef ADDR_NO_RANDOMIZE
|
|
|
|
+ char *p = (char *) ADDR_NO_RANDOMIZE;
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+ ;
|
|
|
|
+ return 0;
|
|
|
|
+}
|
|
|
|
+_ACEOF
|
|
|
|
+rm -f conftest.$ac_objext
|
|
|
|
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
|
|
|
|
+ (eval $ac_compile) 2>conftest.er1
|
|
|
|
+ ac_status=$?
|
|
|
|
+ grep -v '^ *+' conftest.er1 >conftest.err
|
|
|
|
+ rm -f conftest.er1
|
|
|
|
+ cat conftest.err >&5
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); } &&
|
|
|
|
+ { ac_try='test -z "$ac_c_werror_flag"
|
|
|
|
+ || test ! -s conftest.err'
|
|
|
|
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
|
|
|
+ (eval $ac_try) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); }; } &&
|
|
|
|
+ { ac_try='test -s conftest.$ac_objext'
|
|
|
|
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
|
|
|
+ (eval $ac_try) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); }; }; then
|
|
|
|
+ ac_cv_have_decl_ADDR_NO_RANDOMIZE=yes
|
|
|
|
+else
|
|
|
|
+ echo "$as_me: failed program was:" >&5
|
|
|
|
+sed 's/^/| /' conftest.$ac_ext >&5
|
|
|
|
+
|
|
|
|
+ac_cv_have_decl_ADDR_NO_RANDOMIZE=no
|
|
|
|
+fi
|
|
|
|
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
|
|
|
|
+fi
|
|
|
|
+echo "$as_me:$LINENO: result: $ac_cv_have_decl_ADDR_NO_RANDOMIZE" >&5
|
|
|
|
+echo "${ECHO_T}$ac_cv_have_decl_ADDR_NO_RANDOMIZE" >&6
|
|
|
|
+if test $ac_cv_have_decl_ADDR_NO_RANDOMIZE = yes; then
|
|
|
|
+
|
|
|
|
+cat >>confdefs.h <<_ACEOF
|
|
|
|
+#define HAVE_DECL_ADDR_NO_RANDOMIZE 1
|
|
|
|
+_ACEOF
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+else
|
|
|
|
+ cat >>confdefs.h <<_ACEOF
|
|
|
|
+#define HAVE_DECL_ADDR_NO_RANDOMIZE 0
|
|
|
|
+_ACEOF
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+fi
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+if test "$cross_compiling" = yes; then
|
|
|
|
+ cat >conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* confdefs.h. */
|
|
|
|
+_ACEOF
|
|
|
|
+cat confdefs.h >>conftest.$ac_ext
|
|
|
|
+cat >>conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* end confdefs.h. */
|
|
|
|
+#include <sys/personality.h>
|
|
|
|
+int
|
|
|
|
+main ()
|
|
|
|
+{
|
|
|
|
+
|
|
|
|
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
|
|
|
|
+# define ADDR_NO_RANDOMIZE 0x0040000
|
|
|
|
+# endif
|
|
|
|
+ /* Test the flag could be set and stays set. */
|
|
|
|
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
|
|
|
|
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
|
|
|
|
+ return 1
|
|
|
|
+ ;
|
|
|
|
+ return 0;
|
|
|
|
+}
|
|
|
|
+_ACEOF
|
|
|
|
+rm -f conftest.$ac_objext conftest$ac_exeext
|
|
|
|
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
|
|
|
+ (eval $ac_link) 2>conftest.er1
|
|
|
|
+ ac_status=$?
|
|
|
|
+ grep -v '^ *+' conftest.er1 >conftest.err
|
|
|
|
+ rm -f conftest.er1
|
|
|
|
+ cat conftest.err >&5
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); } &&
|
|
|
|
+ { ac_try='test -z "$ac_c_werror_flag"
|
|
|
|
+ || test ! -s conftest.err'
|
|
|
|
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
|
|
|
+ (eval $ac_try) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); }; } &&
|
|
|
|
+ { ac_try='test -s conftest$ac_exeext'
|
|
|
|
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
|
|
|
+ (eval $ac_try) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); }; }; then
|
|
|
|
+ have_personality=true
|
|
|
|
+else
|
|
|
|
+ echo "$as_me: failed program was:" >&5
|
|
|
|
+sed 's/^/| /' conftest.$ac_ext >&5
|
|
|
|
+
|
|
|
|
+have_personality=false
|
|
|
|
+fi
|
|
|
|
+rm -f conftest.err conftest.$ac_objext \
|
|
|
|
+ conftest$ac_exeext conftest.$ac_ext
|
|
|
|
+else
|
|
|
|
+ cat >conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* confdefs.h. */
|
|
|
|
+_ACEOF
|
|
|
|
+cat confdefs.h >>conftest.$ac_ext
|
|
|
|
+cat >>conftest.$ac_ext <<_ACEOF
|
|
|
|
+/* end confdefs.h. */
|
|
|
|
+#include <sys/personality.h>
|
|
|
|
+int
|
|
|
|
+main ()
|
|
|
|
+{
|
|
|
|
+
|
|
|
|
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
|
|
|
|
+# define ADDR_NO_RANDOMIZE 0x0040000
|
|
|
|
+# endif
|
|
|
|
+ /* Test the flag could be set and stays set. */
|
|
|
|
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
|
|
|
|
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
|
|
|
|
+ return 1
|
|
|
|
+ ;
|
|
|
|
+ return 0;
|
|
|
|
+}
|
|
|
|
+_ACEOF
|
|
|
|
+rm -f conftest$ac_exeext
|
|
|
|
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
|
|
|
+ (eval $ac_link) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
|
|
|
|
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
|
|
|
+ (eval $ac_try) 2>&5
|
|
|
|
+ ac_status=$?
|
|
|
|
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
|
|
|
+ (exit $ac_status); }; }; then
|
|
|
|
+ have_personality=true
|
|
|
|
+else
|
|
|
|
+ echo "$as_me: program exited with status $ac_status" >&5
|
|
|
|
+echo "$as_me: failed program was:" >&5
|
|
|
|
+sed 's/^/| /' conftest.$ac_ext >&5
|
|
|
|
+
|
|
|
|
+( exit $ac_status )
|
|
|
|
+have_personality=false
|
|
|
|
+fi
|
|
|
|
+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
|
|
|
|
+fi
|
|
|
|
+if $have_personality
|
|
|
|
+then
|
|
|
|
+
|
|
|
|
+cat >>confdefs.h <<\_ACEOF
|
|
|
|
+#define HAVE_PERSONALITY 1
|
|
|
|
+_ACEOF
|
|
|
|
+
|
|
|
|
+fi
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
|
|
# Check whether --with-sysroot or --without-sysroot was given.
|
|
|
|
Index: gdb-6.8/gdb/configure.ac
|
|
|
|
===================================================================
|
|
|
|
--- gdb-6.8.orig/gdb/configure.ac 2008-07-14 10:27:27.000000000 +0200
|
|
|
|
+++ gdb-6.8/gdb/configure.ac 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -1254,6 +1254,29 @@ if test "x$gdb_cv_sys_syscall_h_has_tkil
|
|
|
|
AC_DEFINE(HAVE_TKILL_SYSCALL, 1, [Define if you support the tkill syscall.])
|
|
|
|
fi
|
|
|
|
|
|
|
|
+dnl Check if we can disable the virtual address space randomization.
|
|
|
|
+dnl The functionality of setarch -R.
|
|
|
|
+AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])
|
|
|
|
+define([PERSONALITY_TEST], [AC_LANG_PROGRAM([#include <sys/personality.h>], [
|
|
|
|
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
|
|
|
|
+# define ADDR_NO_RANDOMIZE 0x0040000
|
|
|
|
+# endif
|
|
|
|
+ /* Test the flag could be set and stays set. */
|
|
|
|
+ personality (personality (0xffffffff) | ADDR_NO_RANDOMIZE);
|
|
|
|
+ if (!(personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE))
|
|
|
|
+ return 1])])
|
|
|
|
+AC_RUN_IFELSE([PERSONALITY_TEST],
|
|
|
|
+ [have_personality=true],
|
|
|
|
+ [have_personality=false],
|
|
|
|
+ [AC_LINK_IFELSE([PERSONALITY_TEST],
|
|
|
|
+ [have_personality=true],
|
|
|
|
+ [have_personality=false])])
|
|
|
|
+if $have_personality
|
|
|
|
+then
|
|
|
|
+ AC_DEFINE([HAVE_PERSONALITY], 1,
|
|
|
|
+ [Define if you support the personality syscall.])
|
|
|
|
+fi
|
|
|
|
+
|
|
|
|
dnl Handle optional features that can be enabled.
|
|
|
|
|
|
|
|
AC_ARG_WITH(sysroot,
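Review bot: PERSONALITY_TEST never checks a personality () call for failure, so if every call returns -1 the expression `personality (personality (0xffffffff)) & ADDR_NO_RANDOMIZE` is non-zero and the probe reports success. HAVE_PERSONALITY would then be defined on a host where the call does not work; the run-time check added to fork-child.c in this patch appears to catch that case, but only as a warning on every run. Testing the return values closes the gap: `int p = personality (0xffffffff); if (p == -1 || personality (p | ADDR_NO_RANDOMIZE) == -1) return 1;` before the existing read-back check. The fallback value `0x0040000` is also written out both here and in fork-child.c, which is worth a comment naming the header it mirrors.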
|
|
|
|
Index: gdb-6.8/gdb/fork-child.c
|
|
|
|
===================================================================
|
|
|
|
--- gdb-6.8.orig/gdb/fork-child.c 2008-01-29 22:11:24.000000000 +0100
|
|
|
|
+++ gdb-6.8/gdb/fork-child.c 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -32,12 +32,45 @@
|
|
|
|
#include "gdbthread.h"
|
|
|
|
#include "command.h" /* for dont_repeat () */
|
|
|
|
#include "solib.h"
|
|
|
|
+#include "gdbcmd.h"
|
|
|
|
|
|
|
|
#include <signal.h>
|
|
|
|
+#include <errno.h>
|
|
|
|
+#ifdef HAVE_PERSONALITY
|
|
|
|
+# include <sys/personality.h>
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
/* This just gets used as a default if we can't find SHELL. */
|
|
|
|
#define SHELL_FILE "/bin/sh"
|
|
|
|
|
|
|
|
+static int disable_randomization =
|
|
|
|
+#ifdef HAVE_PERSONALITY
|
|
|
|
+ 1;
|
|
|
|
+#else
|
|
|
|
+ 0;
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+#ifndef HAVE_PERSONALITY
|
|
|
|
+static void
|
|
|
|
+set_disable_randomization (char *args, int from_tty, struct cmd_list_element *c)
|
|
|
|
+{
|
|
|
|
+ if (disable_randomization)
|
|
|
|
+ {
|
|
|
|
+ disable_randomization = 0;
|
|
|
|
+ error (_("Unsupported on this platform."));
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+static void
|
|
|
|
+show_disable_randomization (struct ui_file *file, int from_tty,
|
|
|
|
+ struct cmd_list_element *c, const char *value)
|
|
|
|
+{
|
|
|
|
+ fprintf_filtered (file, _("\
|
|
|
|
+Disabling randomization of debuggee's virtual address space is %s.\n"),
|
|
|
|
+ value);
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
extern char **environ;
|
|
|
|
|
|
|
|
/* Break up SCRATCH into an argument vector suitable for passing to
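Review bot: `disable_randomization` and the two new functions carry no comments, and the variable's default is the part a reader most needs stated: with HAVE_PERSONALITY it starts at 1, so every inferior GDB launches has address space randomization switched off unless the user opts out. A comment on the variable such as `/* Nonzero if the inferior is to be started with address space randomization disabled; on by default where personality () is available. */` would record that. `set_disable_randomization` deserves a line saying it is compiled only when HAVE_PERSONALITY is undefined and that it resets the variable and raises an error when the user tries to turn the setting on.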
|
|
|
|
@@ -289,6 +322,24 @@ fork_inferior (char *exec_file_arg, char
|
|
|
|
if (debug_fork)
|
|
|
|
sleep (debug_fork);
|
|
|
|
|
|
|
|
+#ifdef HAVE_PERSONALITY
|
|
|
|
+# if !HAVE_DECL_ADDR_NO_RANDOMIZE
|
|
|
|
+# define ADDR_NO_RANDOMIZE 0x0040000
|
|
|
|
+# endif
|
|
|
|
+ if (disable_randomization)
|
|
|
|
+ {
|
|
|
|
+ int val;
|
|
|
|
+
|
|
|
|
+ errno = 0;
|
|
|
|
+ val = personality (0xffffffff);
|
|
|
|
+ if (errno == 0)
|
|
|
|
+ personality (val | ADDR_NO_RANDOMIZE);
|
|
|
|
+ if (errno != 0 || !(personality (0xffffffff) & ADDR_NO_RANDOMIZE))
|
|
|
|
+ warning (_("Currently enabled disable-randomization is unsupported "
|
|
|
|
+ "on this platform."));
|
|
|
|
+ }
|
|
|
|
+#endif /* HAVE_PERSONALITY */
|
|
|
|
+
|
|
|
|
/* Run inferior in a separate process group. */
|
|
|
|
debug_setpgrp = gdb_setpgid ();
|
|
|
|
if (debug_setpgrp == -1)
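Review bot: The warning in the `if (disable_randomization)` block reports "unsupported on this platform" for every failure and drops the errno the block has just tested, so a personality () call refused at run time (for instance by a syscall filter) cannot be told apart from a kernel that lacks the flag. Reporting the cause when errno is non-zero, e.g. `warning (_("Error disabling address space randomization: %s"), safe_strerror (errno));`, would make that diagnosable. The block also needs a comment on its scope, such as `/* The personality flag is inherited across fork and exec, so the inferior and any process it starts run without address space randomization. */`, since that is the security-relevant effect of leaving the default on. fork_inferior begins and ends outside this hunk.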
|
|
|
|
@@ -446,3 +497,23 @@ startup_inferior (int ntraps)
|
|
|
|
}
|
|
|
|
stop_soon = NO_STOP_QUIETLY;
|
|
|
|
}
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+_initialize_fork_child (void)
|
|
|
|
+{
|
|
|
|
+
|
|
|
|
+ add_setshow_boolean_cmd ("disable-randomization", class_support,
|
|
|
|
+ &disable_randomization, _("\
|
|
|
|
+Set disabling of debuggee's virtual address space randomization."), _("\
|
|
|
|
+Show disabling of debuggee's virtual address space randomization."), _("\
|
|
|
|
+When this mode is on (which is the default), the randomization of\n\
|
|
|
|
+the virtual address space is disabled. Standalone programs run with the\n\
|
|
|
|
+randomization enabled by default on some platforms."),
|
|
|
|
+#ifdef HAVE_PERSONALITY
|
|
|
|
+ NULL,
|
|
|
|
+#else
|
|
|
|
+ &set_disable_randomization,
|
|
|
|
+#endif
|
|
|
|
+ &show_disable_randomization,
|
|
|
|
+ &setlist, &showlist);
|
|
|
|
+}
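Review bot: The help string passed to add_setshow_boolean_cmd says "When this mode is on (which is the default)" unconditionally, but the initializer added earlier in this patch sets `disable_randomization` to 0 when HAVE_PERSONALITY is undefined, and in that build the set hook rejects turning it on. Wording such as `When this mode is on (the default where the platform supports it), ...` would match both builds. The text could also say in one sentence that the debuggee loses the protection randomization provides while the mode is on, so users debugging a process exposed to untrusted input know to switch it off.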
|
|
|
|
Index: gdb-6.8/gdb/doc/gdb.texinfo
|
|
|
|
===================================================================
|
|
|
|
--- gdb-6.8.orig/gdb/doc/gdb.texinfo 2008-07-14 10:28:36.000000000 +0200
|
|
|
|
+++ gdb-6.8/gdb/doc/gdb.texinfo 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -1820,6 +1820,57 @@ argument to @value{GDBN} (@pxref{Invocat
|
|
|
|
@value{GDBN}}), or by using the @code{file} or @code{exec-file} command
|
|
|
|
(@pxref{Files, ,Commands to Specify Files}).
|
|
|
|
|
|
|
|
+@kindex set disable-randomization
|
|
|
|
+@item set disable-randomization
|
|
|
|
+@itemx set disable-randomization on
|
|
|
|
+This option (enabled by default in @value{GDBN}) will turn off the native
|
|
|
|
+randomization of the virtual address space of the started program. This option
|
|
|
|
+is useful for multiple debugging sessions to make the execution better
|
|
|
|
+reproducible and memory addresses reusable across debugging sessions.
|
|
|
|
+
|
|
|
|
+This feature is implemented at least on @sc{gnu}/Linux and OpenBSD. You can
|
|
|
|
+get the same behavior using
|
|
|
|
+
|
|
|
|
+@smallexample
|
|
|
|
+(@value{GDBP}) set exec-wrapper setarch `uname -m` -R
|
|
|
|
+@end smallexample
|
|
|
|
+
|
|
|
|
+@item set disable-randomization off
|
|
|
|
+Leave the behavior of the started executable unchanged. Some bugs rear their
|
|
|
|
+ugly heads only when the program is loaded at certain addresses. If your bug
|
|
|
|
+disappears when you run the program under @value{GDBN}, that might be because
|
|
|
|
+@value{GDBN} by default disables the address randomization on platforms, such
|
|
|
|
+as @sc{gnu}/Linux, which do that for stand-alone programs. Use @kbd{set
|
|
|
|
+disable-randomization off} to try to reproduce such elusive bugs.
|
|
|
|
+
|
|
|
|
+The virtual address space randomization is implemented at least on
|
|
|
|
+@sc{gnu}/Linux and OpenBSD. It protects the programs against some kinds of
|
|
|
|
+security attacks. In these cases the attacker needs to know the exact location
|
|
|
|
+of a concrete executable code. Randomizing its location makes it impossible to
|
|
|
|
+inject jumps misusing a code at its expected addresses.
|
|
|
|
+
|
|
|
|
+Prelinking shared libraries provides a startup performance advantage but it
|
|
|
|
+makes addresses in these libraries predictable for privileged processes by
|
|
|
|
+having just unprivileged access at the target system. Reading the shared
|
|
|
|
+library binary gives enough information for assembling the malicious code
|
|
|
|
+misusing it. Still even a prelinked shared library can get loaded a a new
|
|
|
|
+random address just requiring the regular relocation process during the
|
|
|
|
+startup. Shared libraries not already prelinked are always loaded at
|
|
|
|
+a randomly chosen address.
|
|
|
|
+
|
|
|
|
+Position independent executables (PIE) contain position independent code
|
|
|
|
+similar to the shared libraries and therefore such executables get loaded at
|
|
|
|
+a randomly chosen address upon startup. PIE executables always load even
|
|
|
|
+already prelinked shared libraries at a random address. You can build such
|
|
|
|
+executable using @command{gcc -fPIE -pie}.
|
|
|
|
+
|
|
|
|
+Heap (malloc storage), stack and custom mmap areas are always placed randomly
|
|
|
|
+(as long as the randomization is enabled).
|
|
|
|
+
|
|
|
|
+@item show disable-randomization
|
|
|
|
+Show the current setting of the explicit disable of the native randomization of
|
|
|
|
+the virtual address space of the started program.
|
|
|
|
+
|
|
|
|
@end table
|
|
|
|
|
|
|
|
If you are running your program in an execution environment that
|
|
|
|
Index: gdb-6.8/gdb/testsuite/gdb.base/randomize.c
|
|
|
|
===================================================================
|
|
|
|
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
|
|
|
+++ gdb-6.8/gdb/testsuite/gdb.base/randomize.c 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -0,0 +1,32 @@
|
|
|
|
+/* This testcase is part of GDB, the GNU debugger.
|
|
|
|
+
|
|
|
|
+ Copyright 2008 Free Software Foundation, Inc.
|
|
|
|
+
|
|
|
|
+ This program is free software; you can redistribute it and/or modify
|
|
|
|
+ it under the terms of the GNU General Public License as published by
|
|
|
|
+ the Free Software Foundation; either version 3 of the License, or
|
|
|
|
+ (at your option) any later version.
|
|
|
|
+
|
|
|
|
+ This program is distributed in the hope that it will be useful,
|
|
|
|
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ GNU General Public License for more details.
|
|
|
|
+
|
|
|
|
+ You should have received a copy of the GNU General Public License
|
|
|
|
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+
|
|
|
|
+ Please email any bugs, comments, and/or additions to this file to:
|
|
|
|
+ bug-gdb@prep.ai.mit.edu */
|
|
|
|
+
|
|
|
|
+#include <stdlib.h>
|
|
|
|
+#include <stdio.h>
|
|
|
|
+
|
|
|
|
+int main()
|
|
|
|
+{
|
|
|
|
+ void *p;
|
|
|
|
+
|
|
|
|
+ p = malloc (1);
|
|
|
|
+ printf ("address = %p\n", p);
|
|
|
|
+
|
|
|
|
+ return 0;
|
|
|
|
+}
|
|
|
|
Index: gdb-6.8/gdb/testsuite/gdb.base/randomize.exp
|
|
|
|
===================================================================
|
|
|
|
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
|
|
|
+++ gdb-6.8/gdb/testsuite/gdb.base/randomize.exp 2008-07-14 10:28:50.000000000 +0200
|
|
|
|
@@ -0,0 +1,63 @@
|
|
|
|
+# Copyright 2008 Free Software Foundation, Inc.
|
|
|
|
+
|
|
|
|
+# This program is free software; you can redistribute it and/or modify
|
|
|
|
+# it under the terms of the GNU General Public License as published by
|
|
|
|
+# the Free Software Foundation; either version 3 of the License, or
|
|
|
|
+# (at your option) any later version.
|
|
|
|
+#
|
|
|
|
+# This program is distributed in the hope that it will be useful,
|
|
|
|
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+# GNU General Public License for more details.
|
|
|
|
+#
|
|
|
|
+# You should have received a copy of the GNU General Public License
|
|
|
|
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+
|
|
|
|
+set testfile randomize
|
|
|
|
+set srcfile ${testfile}.c
|
|
|
|
+set binfile ${objdir}/${subdir}/${testfile}
|
|
|
|
+if { [gdb_compile "${srcdir}/${subdir}/${srcfile}" "${binfile}" executable {debug}] != "" } {
|
|
|
|
+ untested "Couldn't compile test program"
|
|
|
|
+ return -1
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+# Get things started.
|
|
|
|
+
|
|
|
|
+gdb_exit
|
|
|
|
+gdb_start
|
|
|
|
+gdb_reinitialize_dir $srcdir/$subdir
|
|
|
|
+gdb_load ${binfile}
|
|
|
|
+
|
|
|
|
+proc address_get { testname } {
|
|
|
|
+ global gdb_prompt
|
|
|
|
+
|
|
|
|
+ if {![runto_main]} {
|
|
|
|
+ return -1
|
|
|
|
+ }
|
|
|
|
+ gdb_test_multiple "continue" $testname {
|
|
|
|
+ -re "address = (0x\[0-9a-f\]*).*Program exited normally..*$gdb_prompt $" {
|
|
|
|
+ pass $testname
|
|
|
|
+ return $expect_out(1,string)
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+gdb_test "set disable-randomization off"
|
|
|
|
+set addr1 [address_get "randomized first address"]
|
|
|
|
+set addr2 [address_get "randomized second address"]
|
|
|
|
+set test "randomized addresses should not match"
|
|
|
|
+if {$addr1 eq $addr2} {
|
|
|
|
+ fail $test
|
|
|
|
+} else {
|
|
|
|
+ pass $test
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+gdb_test "set disable-randomization on"
|
|
|
|
+set addr1 [address_get "fixed first address"]
|
|
|
|
+set addr2 [address_get "fixed second address"]
|
|
|
|
+set test "fixed addresses should match"
|
|
|
|
+if {$addr1 eq $addr2} {
|
|
|
|
+ pass $test
|
|
|
|
+} else {
|
|
|
|
+ fail $test
|
|
|
|
+}
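Review bot: `address_get` returns -1 when runto_main fails and otherwise falls through to whatever gdb_test_multiple returns when the `continue` pattern does not match, and both comparisons treat those values as addresses. Two failed runs therefore compare equal and "fixed addresses should match" passes without any address having been read. Guarding each comparison with `if {![string match "0x*" $addr1] || ![string match "0x*" $addr2]} { untested $test }` before the `eq` test avoids that. The "randomized addresses should not match" check also assumes the host randomizes the heap and that GDB was built with personality support; where either is not the case, `unsupported` would be a more accurate result than `fail`.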
|