1

Does ASLR affect the maps file? AFAIK the default virtual address for the text segment is 0x400000 for 64-bit binaries, but while parsing the /proc/pid/maps file I found that the OS was apparently using random addresses for the text and data segments, namely:

    564992f16000-564992f17000 r-xp 00000000 00:2c 306966 /tmp/foo
    564993116000-564993117000 r--p 00000000 00:2c 306966 /tmp/foo
    564993117000-564993118000 rw-p 00001000 00:2c 306966 /tmp/foo

Can someone explain what is going on here?

4

1 Answer

3

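If the main program is a PIE (Position-Independent Executable), its load address is randomized as well. Even disabling ASLR (as is the default when running under GDB) will not bring it back to 0x400000; it will usually be at address 0x555555554000 (but that may depend on the kernel).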

Answered 2018-07-24T20:22:37.287
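An added example, not part of the original question or answer: Python that parses the maps lines quoted in the question, derives the image's load base, and reads `e_type` from an ELF header to tell a PIE from a fixed-address executable. The function names and the constructed header bytes are assumptions made for illustration.

```python
import struct

# The three mappings quoted in the question.
MAPS = """\
564992f16000-564992f17000 r-xp 00000000 00:2c 306966 /tmp/foo
564993116000-564993117000 r--p 00000000 00:2c 306966 /tmp/foo
564993117000-564993118000 rw-p 00001000 00:2c 306966 /tmp/foo
"""

ET_DYN = 3  # e_type value from the ELF specification
# Constructed sample: 16-byte e_ident (64-bit, little-endian) followed by e_type.
PIE_HDR = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack("<H", ET_DYN)


def parse_maps(text):
    """Parse /proc/<pid>/maps lines into (start, end, perms, offset, path)."""
    entries = []
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue  # skip blank or malformed lines
        start, end = (int(x, 16) for x in fields[0].split("-"))
        path = fields[5].strip() if len(fields) == 6 else ""  # anonymous maps have no path
        entries.append((start, end, fields[1], int(fields[2], 16), path))
    return entries


def load_base(entries, path):
    """Lowest mapped address of `path`: where the kernel placed the image."""
    starts = [e[0] for e in entries if e[4] == path]
    return min(starts) if starts else None


def is_pie(elf_header):
    """True if the header says ET_DYN, which is how a PIE main program is marked."""
    if elf_header[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    endian = "<" if elf_header[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    (e_type,) = struct.unpack_from(endian + "H", elf_header, 16)
    return e_type == ET_DYN


def classify(base, pie):
    """Map a load base onto the cases described in the answer."""
    if not pie:
        return "non-PIE: fixed link-time address"
    if base == 0x555555554000:  # value from the answer; may depend on the kernel
        return "PIE, ASLR disabled"
    return "PIE, randomized base"
```

For a live process, pass the contents of `/proc/<pid>/maps` to `parse_maps` and the first 18 bytes of the executable to `is_pie`.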