All geek questions in one place

Linux executable stack example (i386 architecture)

I found that when we use nested functions , GCC requires an executable stack for the springboard code . However, the following code, when compiled using gcc, does not show the executable stack. (I used execstack to check if the executable is a stack)

#include <stdio.h> #include <unistd.h> int main() { int add( int a, int b) { return a + b; } return add(2, 3); }

Why does this not lead to the execution of the executable stack? And if this is not intended, can anyone give an example of a code constructor that provides an executable stack?

+6
source share
2 answers

If the nested function does not depend on its "parent" stack at all, then this is just a simple function - the attachment is syntactic (and sliding) sugar.

And if you don’t take the address of the nested function, then the code is not needed. So you need something more to get it all involved.

Here is an example of a dummy example:

 // file tc int doit(int (*fun)(int), int x) { return fun(x); } int foo(int a) { int add(int b) { return a + b; } return doit(&add, 2); } int main(void) { return foo(1); } 
 $ gcc tc tc: In function 'foo': tc:8:13: warning: trampoline generated for nested function 'add' $ ./a.out $ echo $? 3 $ execstack a.out X a.out
+4
source

As your link says http://gcc.gnu.org/onlinedocs/gccint/Trampolines.html

A trampoline is a small piece of code that is created at runtime when the address of a nested function is taken. It is usually located on the stack in the stack frame of the containing function.

In your example, the sub-address is not executed, and gcc does not need to use execstack.

Here is a sample code with a trampoline: http://www.win.tue.nl/~aeb/linux/hh/protection.html

 % cat trampoline.c #include <stdio.h> int main(int ac, char **av) { int localfn(int a) { return a+ac; } int (*fptr)(int) = localfn; printf("%d\n", fptr(-1)); return 0; }
+2
source

Source: https://habr.com/ru/post/915563/

More articles:


All Articles