Commit
maps: handle the gap behind .text of the exe
With the 04/2015 Linux kernel commit a87938b2e246 ("fs/binfmt_elf.c: fix bug in loading of PIE binaries") we've noticed that our assumption that nothing gets loaded into the gap behind the .text region of the executable has proven wrong. Unrelated regions might be loaded via mmap() to that location. Scanmem sets the region type to 'misc' instead of 'exe' for the .rodata, .data and .bss sections of the executable and also the load address is incorrect this way.

So count the regions belonging to the executable separately and if there are not at least two of them, don't reset that count and try to detect further regions belonging to the executable. There must be at least a .data region. Also remember the load address of the executable and assign it to the other regions belonging to it.

This has been tested with PIE binaries with and without an affected kernel. This has been also tested with regular executables without PIE with and without an affected kernel.

Reference: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86

Fixes: GitHub issue #122
Showing 1 changed file with 35 additions and 10 deletions.