Argh @ Linux 2.6.12
And this is why dynamite was broken:
[PATCH] Randomisation: mmap randomisation The patch below randomizes the starting point of the mmap area. This has the effect that all non-prelinked shared libraries and all bigger malloc()s will be randomized between various invocations of the binary. Prelinked binaries get an address-hint from ld.so in their mmap and are thus exempt from this randomisation, in order to not break the prelink advantage. The randomisation range is 1 megabyte (this is bigger than the stack randomisation since the stack randomisation only needs 16 bytes alignment while the mmap needs page alignment, a 64kb range would not have given enough entropy to be effective)
And this is how you fix it:
#include <stdio.h>
#include <stdlib.h>
#include <linux/personality.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef ADDR_NO_RANDOMIZE
#define ADDR_NO_RANDOMIZE (0x0040000)
#endif

int main(int argc, char* argv[]) {
    char buf[21];
    int sc_ret;
    size_t n;
    FILE* fd;

#ifdef FIXMAPS
    /* personality() returns the previous persona on success, -1 on error */
    sc_ret = syscall(SYS_personality, ADDR_NO_RANDOMIZE);
    if (sc_ret == -1) { /* Setting personality failed */
        perror("Setting personality failed");
        exit(1);
    }
    if (!(sc_ret & ADDR_NO_RANDOMIZE)) {
        /* The flag was not set before; it is now, so execute ourselves
           again so that the unrandomised layout takes effect */
        execvp(argv[0], argv);
        perror("execvp failed");
        exit(1);
    }
#endif
    fd = fopen("/proc/self/maps", "r");
    if (fd == NULL) {
        perror("fopen /proc/self/maps failed");
        exit(1);
    }
    /* Copy the maps file to stdout in chunks of 20 bytes, terminating
       each chunk so that a short final read does not print stale data */
    while ((n = fread(buf, 1, 20, fd)) > 0) {
        buf[n] = '\0';
        fputs(buf, stdout);
    }
    fclose(fd);
    return 0;
}
Compile with gcc -o main main.c and run it several times. The mappings change every time. Then compile with gcc -o main main.c -DFIXMAPS and you see: the mappings stay the same. The stack mapping is still broken, but that gets restored in a different way anyway. I have good hope that this solves all the problems
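The post checks by eye whether the mappings move between runs. The example below, added here and not part of the original post, automates that check: it parses /proc/self/maps lines, finds the base of a named mapping, compares two snapshots, and queries the current persona with the glibc personality() wrapper (a query with 0xffffffff changes nothing) to see whether ADDR_NO_RANDOMIZE is in effect. The two snapshots are constructed excerpts in the 2.6-era maps format, not real captures, and the function names are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#ifdef __linux__
#include <sys/personality.h>
#endif

#ifndef ADDR_NO_RANDOMIZE
#define ADDR_NO_RANDOMIZE 0x0040000
#endif

/* Parse one /proc/PID/maps line: "start-end perms offset dev inode [path]".
   Returns 1 on success, filling *start, *end and path (empty if anonymous). */
int parse_maps_line(const char *line, uintptr_t *start, uintptr_t *end,
                    char *path, size_t pathlen)
{
    unsigned long s, e, off, inode;
    char perms[8], dev[16];
    int consumed = 0;

    if (sscanf(line, "%lx-%lx %7s %lx %15s %lu%n",
               &s, &e, perms, &off, dev, &inode, &consumed) != 6)
        return 0;
    *start = (uintptr_t)s;
    *end = (uintptr_t)e;
    /* The path follows a run of padding after the inode number. */
    const char *p = line + consumed;
    while (*p == ' ' || *p == '\t') p++;
    size_t n = strcspn(p, "\n");
    if (n >= pathlen) n = pathlen - 1;
    memcpy(path, p, n);
    path[n] = '\0';
    return 1;
}

/* Base of the first mapping whose path is `name` or ends in "/name"; 0 if absent. */
uintptr_t find_base(const char *maps_text, const char *name)
{
    const char *line = maps_text;
    size_t namelen = strlen(name);
    while (*line) {
        uintptr_t start, end;
        char path[256];
        if (parse_maps_line(line, &start, &end, path, sizeof path)) {
            size_t plen = strlen(path);
            if (plen >= namelen && strcmp(path + plen - namelen, name) == 0 &&
                (plen == namelen || path[plen - namelen - 1] == '/'))
                return start;
        }
        const char *nl = strchr(line, '\n');
        if (!nl) break;
        line = nl + 1;
    }
    return 0;
}

/* 1 if `name` sits at a different base in the two snapshots, 0 if the same,
   -1 if it is missing from either snapshot. */
int base_moved(const char *maps_a, const char *maps_b, const char *name)
{
    uintptr_t a = find_base(maps_a, name), b = find_base(maps_b, name);
    if (!a || !b) return -1;
    return a != b;
}

/* 1 if ADDR_NO_RANDOMIZE is set for this process, 0 if not, -1 if unknown. */
int randomization_disabled(void)
{
#ifdef __linux__
    int p = personality(0xffffffff);   /* query only, persona is unchanged */
    if (p == -1) return -1;
    return (p & ADDR_NO_RANDOMIZE) ? 1 : 0;
#else
    return -1;
#endif
}

/* Constructed maps excerpts standing in for two runs of the same binary. */
static const char RUN_A[] =
    "00400000-00401000 r-xp 00000000 08:01 1234        /home/user/main\n"
    "b7e3a000-b7f5c000 r-xp 00000000 08:01 5678        /lib/libc.so.6\n"
    "bffeb000-c0000000 rw-p 00000000 00:00 0           [stack]\n";
static const char RUN_B[] =
    "00400000-00401000 r-xp 00000000 08:01 1234        /home/user/main\n"
    "b7f23000-b8045000 r-xp 00000000 08:01 5678        /lib/libc.so.6\n"
    "bfff2000-c0000000 rw-p 00000000 00:00 0           [stack]\n";

int main(void)
{
    printf("constructed snapshots: libc base moved = %d\n",
           base_moved(RUN_A, RUN_B, "libc.so.6"));
    printf("ADDR_NO_RANDOMIZE set in this process: %d\n", randomization_disabled());

    /* Now the real thing: report where libc landed in this process. */
    FILE *fp = fopen("/proc/self/maps", "r");
    if (!fp) { perror("fopen"); return 1; }
    char line[512], path[256];
    uintptr_t s, e;
    while (fgets(line, sizeof line, fp)) {
        if (parse_maps_line(line, &s, &e, path, sizeof path) && strstr(path, "libc")) {
            printf("libc mapped at %#lx-%#lx %s\n", (unsigned long)s, (unsigned long)e, path);
            break;
        }
    }
    fclose(fp);
    return 0;
}
```

Run it twice with and without setarch -R (or the FIXMAPS build above) and compare the reported libc base; the constructed snapshots show the "moved" verdict the post describes, with the main binary staying put since it is not an mmap'd object.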