Pseudo-random stack pointer under Linux?


Question

I was playing around with some code when I noticed something strange:

[~] main% cat test.cc
#include <stdio.h>

void f()
{
    int i;
    /* %lX matches the unsigned long argument; %X with a long is undefined */
    fprintf(stderr, "&i = 0x%08lX\n", (unsigned long)&i);
}

int main(int argc, char**argv)
{
    f();
}
[~] main% g++ test.cc
[~] main% ./a.out
&i = 0xBFA27AB4
[~] main% ./a.out
&i = 0xBFAD7E24
[~] main% ./a.out
&i = 0xBFCA3464
[~] main% ./a.out
&i = 0xBF96C064
[~] main%

The odd thing to me is the variation in the address of the variable i.

My guess is that the kernel supplies different stack start addresses to try to thwart some kind of crack. What's the real reason?

Recommended answer

Address space layout randomisation is used on several operating systems for precisely this reason. Your variation in stack pointer addresses may well be caused by this - very likely to be the case on recent versions of Linux and/or *BSD. IIRC recent versions of Windows do this as well.
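
To confirm on a given Linux machine that ASLR is what moves `&i`, the following added example (not part of the original question or answer) prints the kernel's `randomize_va_space` setting together with the current run's `[stack]` mapping from `/proc/self/maps`. The function names `aslr_mode` and `parse_maps_line` are chosen for this example; the two `/proc` paths are standard Linux interfaces.

```c
#include <stdio.h>
#include <string.h>

/* Read an integer sysctl file such as /proc/sys/kernel/randomize_va_space.
   0 = ASLR off, 1 = stack/mmap/vDSO randomized, 2 = brk heap as well.
   Returns -1 when the file is missing or unreadable. */
int aslr_mode(const char *path)
{
    int mode = -1;
    FILE *fp = fopen(path, "r");
    if (!fp)
        return -1;
    if (fscanf(fp, "%d", &mode) != 1)
        mode = -1;
    fclose(fp);
    return mode;
}

/* Parse one /proc/<pid>/maps line. Returns 1 and fills lo/hi when the
   mapping's name column equals `name` (for example "[stack]"). */
int parse_maps_line(const char *line, const char *name,
                    unsigned long *lo, unsigned long *hi)
{
    char label[256] = "";
    unsigned long a, b;
    if (sscanf(line, "%lx-%lx %*s %*s %*s %*s %255s", &a, &b, label) < 2)
        return 0;
    if (strcmp(label, name) != 0)
        return 0;
    *lo = a; *hi = b;
    return 1;
}

int main(void)
{
    int i;                      /* same kind of local as in the question */
    char line[512];
    unsigned long lo = 0, hi = 0;
    FILE *fp = fopen("/proc/self/maps", "r");
    printf("randomize_va_space = %d\n",
           aslr_mode("/proc/sys/kernel/randomize_va_space"));
    printf("&i = %p\n", (void *)&i);
    while (fp && fgets(line, sizeof line, fp))
        if (parse_maps_line(line, "[stack]", &lo, &hi))
            printf("[stack] = %lx-%lx\n", lo, hi);
    if (fp)
        fclose(fp);
    return 0;
}
```

With a non-zero setting, the `[stack]` range and `&i` move together from one run to the next; with the setting at 0 they normally stay the same between runs.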
