From 1a4fd2b73dd3d542ee9bcf52f348a28955792e73 Mon Sep 17 00:00:00 2001
From: Eric Kilmer
Date: Tue, 27 Aug 2019 15:19:03 -0400
Subject: [PATCH] Expose hard-coded dynamic load address for ELF sections

This should hopefully provide more programmatic access to plugins and other support code/scripts about where Manticore loads dynamic ELF sections in memory (example: position-independent executables).
---
 manticore/platforms/linux.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/manticore/platforms/linux.py b/manticore/platforms/linux.py
index dc28ee7b9..e32341903 100644
--- a/manticore/platforms/linux.py
+++ b/manticore/platforms/linux.py
@@ -435,6 +435,10 @@ class Linux(Platform):
 # from /usr/include/asm-generic/resource.h
 FCNTL_FDCWD = -100 # /* Special value used to indicate openat should use the cwd */
+ # Hard-coded base load address for dynamic elf binaries (ET_DYN in pyelftools)
+ BASE_DYN_ADDR_32 = 0x56555000
+ BASE_DYN_ADDR = 0x555555554000
+
 def __init__(self, program, argv=None, envp=None, disasm="capstone", **kwargs):
 """
 Builds a Linux OS platform
@@ -1003,9 +1007,9 @@ def load(self, filename, env):
 if base == 0 and elf.header.e_type == "ET_DYN":
 assert vaddr == 0
 if addressbitsize == 32:
- base = 0x56555000
+ base = self.BASE_DYN_ADDR_32
 else:
- base = 0x555555554000
+ base = self.BASE_DYN_ADDR
 perms = perms_from_elf(flags)
 hint = base + vaddr
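Review bot: The comment above `BASE_DYN_ADDR_32` and `BASE_DYN_ADDR` in the first hunk (class `Linux`) does not say which address size the unsuffixed constant serves, nor that both are fixed, non-randomized bases. Since the commit exists so plugins and scripts can read these values, I would spell it out, e.g. `# Fixed (non-randomized) load bases for ET_DYN binaries: BASE_DYN_ADDR_32 when addressbitsize == 32, BASE_DYN_ADDR otherwise`. Anyone mapping analysis addresses back to a live process should know they will generally not match a run with ASLR enabled. The class body continues outside the hunk.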
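Review bot: In the second hunk (`load`), the base is now read through `self`, so a subclass or per-instance attribute override changes where an ET_DYN image is mapped, and nothing on the visible lines validates the value. If overriding is meant to be supported, say so next to the constants and state the constraints the loader expects (presumably non-zero and page-aligned, given the `base == 0` test and `hint = base + vaddr`). If it is not, `Linux.BASE_DYN_ADDR_32` and `Linux.BASE_DYN_ADDR` would pin the loader to the class values. `load` starts and ends outside the hunk, so a later check may exist that is not shown here.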