burnttoys: How to allocate executable memory on Linux...

Tuesday, 12 April 2011

How to allocate executable memory on Linux...

#include <stdio.h>
#include <sys/mman.h>

typedef unsigned (*asmFunc)(void);

int main(int argc, char *argv[])
{
   // probably needs to be page aligned...

   unsigned int codeBytes = 4096;
   void * virtualCodeAddress = 0;

   virtualCodeAddress = mmap(
       NULL,
       codeBytes,
       PROT_READ | PROT_WRITE | PROT_EXEC,
       MAP_ANONYMOUS | MAP_PRIVATE,
       0,
       0);

   printf("virtualCodeAddress = %p\n", virtualCodeAddress);

   // write some code in
   unsigned char * tempCode = (unsigned char *) (virtualCodeAddress);
   tempCode[0] = 0xb8;
   tempCode[1] = 0x00;
   tempCode[2] = 0x11;
   tempCode[3] = 0xdd;
   tempCode[4] = 0xee;
   // ret code! Very important!
   tempCode[5] = 0xc3;

   asmFunc myFunc = (asmFunc) (virtualCodeAddress);

   unsigned out = myFunc();

   printf("out is %x\n", out);

   return 0;
}

2 comments:

Unknown said...: Is there any way to allocate the memory and then set the protections after, or is mmap necessary?; 1 November 2011 at 18:30
burnttoys said...: Try "mprotect"

http://www.kernel.org/doc/man-pages/online/pages/man2/mprotect.2.html; 17 April 2012 at 02:58

Tuesday, 12 April 2011

How to allocate executable memory on Linux...

2 comments:

Blog Archive