This is the mail archive of the
cygwin-developers
mailing list for the Cygwin project.
Re: Windows heaps and Cygwin heap
On May 13 06:32, Ryan Johnson wrote:
> On 13/05/2011 5:29 AM, Corinna Vinschen wrote:
> >On May 13 10:36, Corinna Vinschen wrote:
> >>So we now know that we are actually observing a part of the ASLR
> >>strategy of NT6. Heap addresses are always randomized. Yes, there is a
> >>PE flag which controls ASLR on a per-executable basis, but unfortunately
> >>this only influences the usage of ASLR for the executable image itself,
> >>as well as the thread stacks. There's no way at all to disable heap ASLR.
> >It appears that I misread. The PE flag might not influence stack
> >randomization, but what I found in the net is contradictory. However,
> >even if stack ASLR is always on, it seems the preferred addresses of
> >thread stacks are also in the range below 0x20000000.
> Maybe I've been confused by some of that contradictory info as well,
> but I had the impression that PE improves dll placement (still
> random, but at least consistent for a given login sesssion), but
> does nothing at all for heaps, thread stacks, or non-image file
> mappings. I'd love to be even partly wrong tho...
Randomization of DLL and executable image definitely depends on
the ASLR PE flag. Heap randomization can not be switched off.
Whether or not stack randomization is influenced by this flag
is not quite clear from googling.
> In any case, I also have never seen problems above 0x20000000.
> Should we also rebase all cyg*.dll to land above that address?
> Statically-linked dlls shifting around are a huge problem for me, at
> least (emacs!)
In theory all (newer) cygwin DLLs should be have a randomized start
address beyond the cygwin DLL address anyway, because that's the
linker default. In the earlier days the linker default was to set
the DLL address to 0x10000000. I hope that's mostly gone now.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat