Re: mprotect



"David T. Ashley" <dta@xxxxxxxx> writes:

> #1: The smallest granularity of mprotect() is a page (presumably a virtual
> memory page). What guarantee do you have that the area of memory you've
> obtained via malloc() spans only one page?

He has a guarantee that his area spans two pages, since he asked
for PAGESIZE+1023.

> #2: This statement:
>
> p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));
>
> can lead to serious arithmetic trouble if a pointer on your system is bigger
> than an integer.

True, but he is (apparently) on x86, and so can assume
sizeof(int)==sizeof(char*)==4.

> #4: This statement:
> p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));
>
> seems unnecessary, as the definition of mprotect() indicates it will do this
> anyway,

Which definition of mprotect() is that?
The Linux one says mprotect will fail if p is not page-aligned.
So does SUSv3:

> if (mprotect(p, 1024, PROT_EXEC|PROT_WRITE|PROT_READ)) {

??

> This creates an almost guaranteed failure if the memory returned by malloc()
> spans a virtual page boundary.

It doesn't since he page-aligned it.

> First, you round p down to be modulo PAGESIZE, then you specify a length
> which is almost certainly less than or equal to a PAGESIZE, indicating that
> you will give permissions to at most one page. If the memory you got via
> malloc() is near a page boundary, you are sunk.

Huh? I think you are mistaken.

> Summary #1: I don't think you're giving permissions to the pages you want
> to.

No, he appears to do exactly as he should. In fact his code follows
example usage given in the Linux "man mprotect".

> Summary #2: There still may be other problems because the pages you are
> changing the permissions on may contain other things, i.e. you haven't
> determined that the pages you're messing with are fully free for you to muck
> around with. I believe there are uncovered boundary cases.

The pages he got from malloc() are guaranteed to have PROT_READ|PROT_WRITE.
Adding PROT_EXEC shouldn't really cause any problems (though it
may modify behaviour of other buggy code that may try to execute
"malloc data").

Cheers,
--
In order to understand recursion you must first understand recursion.
Remove /-nsp/ for email.
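An added example (not the original poster's code, nor from either message above) that reproduces the scenario discussed: malloc(PAGESIZE+1023), round up to a page boundary, and mprotect 1024 bytes. It replaces the `(int) p` cast from point #2 with uintptr_t so the rounding is correct where pointers are wider than int, checks that the unaligned call is rejected with EINVAL as the Linux and SUSv3 definitions require, and keeps the page PROT_READ|PROT_WRITE rather than adding PROT_EXEC. It assumes Linux mprotect semantics; demo_aligned_mprotect and page_align_up are hypothetical helper names.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Round p up to the next multiple of pagesize. uintptr_t replaces the int cast
 * discussed in the thread, so the arithmetic holds when sizeof(char*) > sizeof(int). */
static char *page_align_up(char *p, size_t pagesize)
{
    uintptr_t u = (uintptr_t)p;
    return (char *)((u + pagesize - 1) & ~(uintptr_t)(pagesize - 1));
}

/* Wrapper returning 0 on success or the errno mprotect set on failure. */
static int protect_range(void *p, size_t len, int prot)
{
    return mprotect(p, len, prot) == 0 ? 0 : errno;
}

/* Hypothetical demo: allocate PAGESIZE+1023 bytes (so the block always contains a
 * page boundary), align up, protect 1024 bytes. Returns 0 when the aligned call
 * succeeds and the off-by-one call fails with EINVAL; otherwise a bitmask of what
 * went wrong (1 = aligned call failed, 2 = unaligned call was not rejected). */
int demo_aligned_mprotect(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0) return -1;
    size_t pagesize = (size_t)ps;

    char *raw = malloc(pagesize + 1023);
    if (raw == NULL) return -2;

    char *p = page_align_up(raw, pagesize);
    int rc = 0;
    /* Page-aligned start, RW only: no-op on heap pages, must succeed. */
    if (protect_range(p, 1024, PROT_READ | PROT_WRITE) != 0) rc |= 1;
    /* Start one byte past the boundary: both Linux and SUSv3 reject this. */
    if (protect_range(p + 1, 1024, PROT_READ | PROT_WRITE) != EINVAL) rc |= 2;

    free(raw);
    return rc;
}

int main(void)
{
    int rc = demo_aligned_mprotect();
    printf("demo_aligned_mprotect() = %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```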