Why are data and stack segments executable?
Question
I have just noticed that my simple program has its data and stack segments executable. I saw it in /proc/[pid]/maps, and simple code confirmed it.
For example:
; prog.asm
section .data
code: db 0xCC ;int3
section .text
global _start
_start:
jmp code
mov rax, 60 ; sys_exit
mov rdi, 0
syscall
Then
nasm -f elf64 prog.asm
ld -o prog prog.o
./prog
causes prog to execute the int3 instruction.
Programs written in C and built with gcc have their data, stack and heap non-executable, so why do those written in assembly behave in a different manner?
Answer
On modern Linux systems, the linker will mark stack/data non-executable IFF all objects that participate in the link have a special "marker" section .note.GNU-stack.
If you compile e.g. int foo() { return 1; } into assembly (with gcc -S foo.c), you'll see this:
.section .note.GNU-stack,"",@progbits
I don't know the syntax to add this section in NASM.
Update: an example for NASM (http://websvn.xvid.org/cvs/viewvc.cgi/trunk/xvidcore/src/nasm.inc?r1=1956&r2=1955&pathrev=1956):
section .note.GNU-stack noalloc noexec nowrite progbits
Note: this has to be done for every .o file that goes into the executable.
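As an added example (not part of the original question or answer), the following Python checks the outcome of the linker rule described above: it parses an ELF64 file's program headers and reports whether a PT_GNU_STACK entry is present and whether it requests PF_X, the same information readelf -lW shows in its GNU_STACK line. The names gnu_stack_status, make_elf64 and SAMPLES are mine; make_elf64 builds constructed, non-loadable sample images so the check runs offline, and passing a real binary path on the command line inspects that file instead.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551           # p_type the linker emits once every .o carried .note.GNU-stack
PF_X, PF_W, PF_R = 1, 2, 4          # p_flags bits
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # Elf64_Ehdr, little-endian
PHDR = struct.Struct("<IIQQQQQQ")           # Elf64_Phdr


def gnu_stack_status(elf: bytes) -> str:
    """Return 'noexec', 'exec' or 'missing' depending on the PT_GNU_STACK header.

    'missing' is the situation in the question: no marker section in any input
    object, so the linker emits no PT_GNU_STACK and the kernel falls back to its
    default, which on older x86-64 kernels meant an executable stack and
    read-implies-exec for the data segment as well.
    """
    hdr = EHDR.unpack_from(elf, 0)
    ident, e_phoff, e_phentsize, e_phnum = hdr[0], hdr[5], hdr[9], hdr[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    for i in range(e_phnum):
        p_type, p_flags = PHDR.unpack_from(elf, e_phoff + i * e_phentsize)[:2]
        if p_type == PT_GNU_STACK:
            return "exec" if p_flags & PF_X else "noexec"
    return "missing"


def make_elf64(phdrs):
    """Constructed sample: a minimal ELF64 header followed only by the given
    (p_type, p_flags) program headers. Not loadable, but enough for header checks."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)     # ELFCLASS64, ELFDATA2LSB, EV_CURRENT
    table = b"".join(PHDR.pack(t, f, 0, 0, 0, 0, 0, 16) for t, f in phdrs)
    ehdr = EHDR.pack(ident, 2, 62, 1, 0, EHDR.size, 0, 0,    # ET_EXEC, EM_X86_64
                     EHDR.size, PHDR.size, len(phdrs), 0, 0, 0)
    return ehdr + table


# Three constructed images: marker missing, marker present with RW, marker present with RWX.
SAMPLES = {
    "no_marker": make_elf64([(1, PF_R | PF_X)]),                                   # PT_LOAD only
    "rw_stack":  make_elf64([(1, PF_R | PF_X), (PT_GNU_STACK, PF_R | PF_W)]),
    "rwx_stack": make_elf64([(1, PF_R | PF_X), (PT_GNU_STACK, PF_R | PF_W | PF_X)]),
}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(sys.argv[1], gnu_stack_status(f.read()))
    else:
        for name, img in SAMPLES.items():
            print(name, gnu_stack_status(img))
```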