我可以让clang为函数指针生成绝对地址吗？ [英] Can I make clang generate absolute addresses for function pointers?

问题描述

这是我现在正在使用的一些代码的简化版本：

  int Do_A_Thing（void）
 {
 return（42）; 
} 
 
 void Some_Function（void）
 {
 int（* fn_do_thing）（void）= Do_A_Thing; 
 
 fn_do_thing（）; 
} 
  

当在xcode 4.1中编译时，它生成的汇编器设置fn_do_thing变量像这样：

  0x2006：calll 0x200b; 
 0x200b：popl％eax; get EIP 
 0x200c：movl 1333（％eax），％eax 
  

它生成一个相对地址的地方找到Do_A_Thing函数 - 当前指令加1333，根据映射文件是一个非惰性指针的函数。

当我使用Visual Studio在Windows上编译类似的代码时，Windows会生成一个固定的地址，而不是像这样做。如果Do_A_Thing存在于，例如，0x40050914，它只是将fn_do_thing设置为0x40050914。相反，xcode将它设置为我在哪里+一些偏移。

有没有办法让xcode生成一个绝对地址来设置函数指针，像视觉工作室？还是有一些理由不会工作？我注意到每次我运行程序，Do_A_Thing函数（和所有其他函数）似乎加载在不同的地址。

解决方案

您正在查看与位置无关的代码（更具体地说，与位置无关的可执行文件）。这个，正如你所注意到的，允许操作系统在内存中的任何地方加载二进制，这为可能不安全的代码提供了许多安全性改进。

您可以通过删除链接注意，在x86_64（amd64）上，指令可以在XCode（ -Wl，-pie ）中执行。

<相对于指令指针，这提高了这种技术的效率（并使其基本上在性能成本上自由）。

Here's a simplified version of some code I'm working with right now:

int Do_A_Thing(void)
{
    return(42);
}

void Some_Function(void)
{
    int (*fn_do_thing)(void) = Do_A_Thing;

    fn_do_thing();
}

When I compile this in xcode 4.1, the assembler it generates sets the fn_do_thing variable like so:

0x2006: calll  0x200b              ;
0x200b: popl   %eax                ; get EIP
0x200c: movl   1333(%eax), %eax

I.e. it generates a relative address for the place to find the Do_A_Thing function - "current instruction plus 1333", which according to the map file is a "non-lazy pointer" to the function.

When I compile similar code on Windows with Visual Studio, windows generates a fixed address instead of doing it relatively like this. If Do_A_Thing lives at, for example, 0x40050914, it just sets fn_do_thing to 0x40050914. By contrast, xcode sets it to "where I am + some offset".

Is there any way to make xcode generate an absolute address to set the function pointer to, like visual studio does? Or is there some reason that wouldn't work? I have noticed that every time I run the program, the Do_A_Thing function (and all other functions) seem to load at a different address.

解决方案

You're looking at position independent code (more specifically Position Independent Executable) in action. This, as you noticed, allows the OS to load the binary anywhere in memory, which provides numerous security improvements for potentially insecure code.

You can disable it via removing a linker option in XCode (-Wl,-pie).

Note that on x86_64 (amd64), instructions can operate relative to the instruction pointer, which improves the efficiency of this technique (and makes it basically "free" in performance cost).

这篇关于我可以让clang为函数指针生成绝对地址吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！