Where the location of code section of a process in linux?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












I want to restore the stack and heap when process is down. So I must make sure that the address of the function stays the same every time it starts, if the binary stays the same.



Is there anyone could help?







share|improve this question





















  • You're looking for this, right? - linux-audit.com/….
    – slm♦
    Jul 12 at 4:30










  • Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
    – å¼ å®åš
    Jul 12 at 6:29














up vote
2
down vote

favorite












I want to restore the stack and heap when process is down. So I must make sure that the address of the function stays the same every time it starts, if the binary stays the same.



Is there anyone could help?







share|improve this question





















  • You're looking for this, right? - linux-audit.com/….
    – slm♦
    Jul 12 at 4:30










  • Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
    – å¼ å®åš
    Jul 12 at 6:29












up vote
2
down vote

favorite









up vote
2
down vote

favorite











I want to restore the stack and heap when process is down. So I must make sure that the address of the function stays the same every time it starts, if the binary stays the same.



Is there anyone could help?







share|improve this question













I want to restore the stack and heap when process is down. So I must make sure that the address of the function stays the same every time it starts, if the binary stays the same.



Is there anyone could help?









share|improve this question












share|improve this question




share|improve this question








edited Jul 12 at 6:34
























asked Jul 12 at 4:18









张宏博

134




134











  • You're looking for this, right? - linux-audit.com/….
    – slm♦
    Jul 12 at 4:30










  • Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
    – å¼ å®åš
    Jul 12 at 6:29
















  • You're looking for this, right? - linux-audit.com/….
    – slm♦
    Jul 12 at 4:30










  • Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
    – å¼ å®åš
    Jul 12 at 6:29















You're looking for this, right? - linux-audit.com/….
– slm♦
Jul 12 at 4:30




You're looking for this, right? - linux-audit.com/….
– slm♦
Jul 12 at 4:30












Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
– å¼ å®åš
Jul 12 at 6:29




Thank you.I just want to make sure that the address of the function stays the same every time it starts, if the binary stays the same.
– å¼ å®åš
Jul 12 at 6:29










1 Answer
1






active

oldest

votes

















up vote
0
down vote



accepted










If address-space layout randomisation is enabled — which is the case on most current Linux systems — then no, function addresses don’t stay the same every time a binary is loaded. There are various different layout randomisations which are applied, and if the binary is position-independent, all of them can be applied; in particular, library ASLR means that libraries are loaded in a different place every time, and execution ASLR means that position-independent binaries are loaded in a different place every time too.



The Ubuntu wiki has a nice summary of the different possibilities; they aren’t Ubuntu-specific.



You can disable all this (which isn’t recommended) by changing the /proc/sys/kernel/randomize_va_space setting: 0 will disable ASLR.






share|improve this answer





















  • @张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
    – Stephen Kitt
    Jul 13 at 11:42










  • Ok, sure. sorry for that.
    – å¼ å®åš
    Jul 14 at 3:18










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f454819%2fwhere-the-location-of-code-section-of-a-process-in-linux%23new-answer', 'question_page');

);

Post as a guest






























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote



accepted










If address-space layout randomisation is enabled — which is the case on most current Linux systems — then no, function addresses don’t stay the same every time a binary is loaded. There are various different layout randomisations which are applied, and if the binary is position-independent, all of them can be applied; in particular, library ASLR means that libraries are loaded in a different place every time, and execution ASLR means that position-independent binaries are loaded in a different place every time too.



The Ubuntu wiki has a nice summary of the different possibilities; they aren’t Ubuntu-specific.



You can disable all this (which isn’t recommended) by changing the /proc/sys/kernel/randomize_va_space setting: 0 will disable ASLR.






share|improve this answer





















  • @张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
    – Stephen Kitt
    Jul 13 at 11:42










  • Ok, sure. sorry for that.
    – å¼ å®åš
    Jul 14 at 3:18














up vote
0
down vote



accepted










If address-space layout randomisation is enabled — which is the case on most current Linux systems — then no, function addresses don’t stay the same every time a binary is loaded. There are various different layout randomisations which are applied, and if the binary is position-independent, all of them can be applied; in particular, library ASLR means that libraries are loaded in a different place every time, and execution ASLR means that position-independent binaries are loaded in a different place every time too.



The Ubuntu wiki has a nice summary of the different possibilities; they aren’t Ubuntu-specific.



You can disable all this (which isn’t recommended) by changing the /proc/sys/kernel/randomize_va_space setting: 0 will disable ASLR.






share|improve this answer





















  • @张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
    – Stephen Kitt
    Jul 13 at 11:42










  • Ok, sure. sorry for that.
    – å¼ å®åš
    Jul 14 at 3:18












up vote
0
down vote



accepted







up vote
0
down vote



accepted






If address-space layout randomisation is enabled — which is the case on most current Linux systems — then no, function addresses don’t stay the same every time a binary is loaded. There are various different layout randomisations which are applied, and if the binary is position-independent, all of them can be applied; in particular, library ASLR means that libraries are loaded in a different place every time, and execution ASLR means that position-independent binaries are loaded in a different place every time too.



The Ubuntu wiki has a nice summary of the different possibilities; they aren’t Ubuntu-specific.



You can disable all this (which isn’t recommended) by changing the /proc/sys/kernel/randomize_va_space setting: 0 will disable ASLR.






share|improve this answer













If address-space layout randomisation is enabled — which is the case on most current Linux systems — then no, function addresses don’t stay the same every time a binary is loaded. There are various different layout randomisations which are applied, and if the binary is position-independent, all of them can be applied; in particular, library ASLR means that libraries are loaded in a different place every time, and execution ASLR means that position-independent binaries are loaded in a different place every time too.



The Ubuntu wiki has a nice summary of the different possibilities; they aren’t Ubuntu-specific.



You can disable all this (which isn’t recommended) by changing the /proc/sys/kernel/randomize_va_space setting: 0 will disable ASLR.







share|improve this answer













share|improve this answer



share|improve this answer











answered Jul 12 at 7:39









Stephen Kitt

139k22296359




139k22296359











  • @张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
    – Stephen Kitt
    Jul 13 at 11:42










  • Ok, sure. sorry for that.
    – å¼ å®åš
    Jul 14 at 3:18
















  • @张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
    – Stephen Kitt
    Jul 13 at 11:42










  • Ok, sure. sorry for that.
    – å¼ å®åš
    Jul 14 at 3:18















@张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
– Stephen Kitt
Jul 13 at 11:42




@张宏博 you’re welcome! And welcome to Unix & Linux. Please take a minute to read the tour, and if this answer addressed your question to your satisfaction, accept it using the big check mark.
– Stephen Kitt
Jul 13 at 11:42












Ok, sure. sorry for that.
– å¼ å®åš
Jul 14 at 3:18




Ok, sure. sorry for that.
– å¼ å®åš
Jul 14 at 3:18












 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f454819%2fwhere-the-location-of-code-section-of-a-process-in-linux%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?