aslr

Heap randomization in Windows

Windows 7 has Heap randomization and Stack randomization features. How could I manage it? How they are affects performance of my application? Where I could find more information on how it works? I'm using Visual Studio 2008 for developing C++ programs. I can't find any compiler's options for that features. ...

How to disable address space randomization for a binary on Linux?

I'm working on a runtime system for parallel programs that can take advantage of a common address space layout across multiple processes, potentially spread over several (thousand) nodes. Many times, software built for this environment is run on Linux systems that have address space randomization enabled by default, and users may not wan...

How do I enable DEP or ASLR for my .NET application?

I'm writing my program in VS2010 and the build target is .NET 4. I believe that the DEP compatibility flag is on by default. Is that true? Is .NET also compatible by default with ASLR, and is ASLR turned on by default for my process, or do I have to request it at runtime? ...

32-bit FreeBSD 7.2 and 1GB mmaps

I've been having some trouble with FreeBSD and large mmaps. Linux does not show the same problems. On program startup it can always get the 1 GB map. However, there's a reload operation where the file is replaced and remapped. The new map is usually just a little bigger each time so it doesn't fit neatly into the old mmap location. This...

DEP and ASLR and how to use it?

ASLR and DEP are two techniques that are used to protect applications from hackers. With many modern applications becoming more security-aware, these techniques are becoming more important. For now, I just focus on Windows 7 and these techniques. I wonder when and how I can best use these techniques, especially when developing desktop ap...

Does ASLR cause a slow loading of Dlls?

In MSVC, the Base Address Randomizaiton is a default option.(Since VS2005?) So, I do not rebase manually the dll's base address anymore. But I rebased my all dlls to improve loading performance when I use VS2003. If I use ASLR option, the loading performance is always decreased? (Of cource I can get other benefits) ...

Microsoft's ASLR is weird.

I watched a ASLRed dll images's based address for 32bit Process. It's not a fully randomization. It just randomizated 1/2 probability. For example, once I load a dll then the image is loaded on 0x12345678. And I load the image again, the image is loaded on 0x23456789.(Base address is chagned!) But I load the image again 0x12345678 0x234...

How can ASLR be effective?

I've heard the theory. Address Space Location Randomization takes libraries and loads them at randomized locations in the virtual address space, so that in case a hacker finds a hole in your program, he doesn't have a pre-known address to execute a return-to-libc attack against, for example. But after thinking about it for a few second...

MSVC linker won't apply RandomizedBaseAddress via vsprops file

I am trying to add ASLR to a project using a vsprops file. I have verified the file is being used by the project as there are other settings in the file that are being applied, and intentionally corrupting the file produces an error when opening the project under MSVC. When I set ASLR to yes I can see RandomizedBaseAddress="2" under <Too...