Native self-modifying code on Android


Problem description

I am trying to make some self-modifying native code on Android and run it in the emulator. My sample is based on the HelloJNI sample from the android-ndk. It looks like this:

#include <string.h>     /* memcpy */
#include <sys/mman.h>   /* mmap, PROT_*, MAP_* */

#define NOPE_LENGTH 4

typedef void (*FUNC) (void);

// 00000be4 <nope>:
//     be4: 46c0        nop         (mov r8, r8)
//     be6: 4770        bx  lr
void nope(void) {
    __asm__ __volatile__ ("nop");
}

void execute(void){
    /* anonymous writable + executable mapping for the copied bytes */
    void *code = mmap(NULL, NOPE_LENGTH, PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);

    if (code != MAP_FAILED) {
        memcpy(code, nope, NOPE_LENGTH);

        ((FUNC)code)();   /* this call is where it crashes */
    }
}

The problem is that this code is crashing. What is wrong?

Recommended answer

At a guess, nope() was compiled as Thumb, but you're calling it as ARM (assuming mmap returns a word-aligned pointer). To call Thumb code, the low bit of the address should be set. Try something like this:

( (FUNC)(((unsigned int)code)|1) )();

To do it properly, you should ensure alignment of the allocated memory (2 for Thumb and 4 for ARM), make sure that the code you're trying to run is Thumb (or ARM) and set bit 0 accordingly.
