Linux AMD64 call C libary functions from copied assembly -


how call memcpy'ed assembly function c library functions?

i'm making example test code how 1 can allocate , change memory protection on linux, amd64 run arbitrarily generated code c. done compile small gas assembly function along side main program (written in c) , copy assembly binary blob onto piece executable memory in run-time , jump it. part works ok.

but if call c library puts() copied assembly blob results in segfault due bad function address?! how fix it?

the assembly code blob:

       .text        .global      _print_hello_size        .global      _print_hello        .type        _print_hello,@function _print_hello:        push %rbp        mov %rsp, %rbp        # puts("hello world\n")        mov $_message, %rdi        call puts    # <-- segfault        pop %rbp        ret procend: # mark end address of _print_hello code        .section .rodata _message:        .asciz  "hello, world\n" _print_hello_size:        .long procend - _print_hello

then in c main() (pseudo code):

// import assembler function , size extern "c" void _print_hello(void); extern "c" const long _print_hello_size; int main() {     // use special function allocates read-write-executable memory     void * memexec = mallocexecutablememory(1024);     // copy binary asm blob, memexec aligned @ least 16-bytes     memcpy(memexec, (void*)_print_hello, _print_hello_size);      void (*jmpfunc)(void) = (void (*)(void))memexec;      jmpfunc(); // works, jumps copied assembly func     return 0; }

later if possible not compile asm blob, encode example program in in unsigned char execblob[] = { 0xcc,0xcc,0xc3,..} , copy executable region. bit code exploration how start generating asm c.

maybe do

push %rbp mov %rsp, %rbp # puts("hello world\n") mov $_message, %rdi mov $puts, %eax call %eax pop %rbp ret

and forcing call become absolute one. question whether assembler won't optimize out own purposes.


Comments

Post a Comment

Popular posts from this blog

node.js - Using Node without global install -

i'm working on few node & electron (atom shell) projects , i'm curious how them work without user having install node globally. i've seen few applications including node directory in project contains node.exe binary. how go setting node project use binary? edit: thought should add, i've searched everywhere answer this, unrelated results.
Read more

How to access a php class file from PHPFox framework into javascript code written in simple HTML file? -

i've website developed using phpfox v3.0.7 . now i'm trying implement 'sse(server sent events)' 1 of php files. reference i'm giving below necessary code part of file. file titled process.class.php , present @ location /var/www/module/notification/include/service/process.class.php present on server having ip http://34.124.40.142/ . <?php /** * [phpfox_header] */ header('content-type: text/event-stream'); header('cache-control: no-cache'); defined('phpfox') or exit('no dice!'); /** * * * @copyright [phpfox_copyright] * @author raymond benc * @package phpfox_service * @version $id: service.class.php 67 2009-01-20 11:32:45z raymond_benc $ */ class notification_service_process extends phpfox_service { /** * class constructor */ public function __construct() { $this->_stable = phpfox::gett('notification'); } public function add($...
Read more

java - Null response to php query in android, even though php works properly -

Image
table i'm trying retrieve above data using 2 php files below. want pass email parameter , return bets user = email. work fine when tested advanced rest client, problem not php. however, when try through android 2 java classes below, null pointer exception (logcat below) , json object returned null. i'm not sure error is, think i'm not passing parameter php , that's why it's producing null response. logcat 05-31 15:10:50.227 26074-26074/com.example.albert.betterapp e/androidruntime﹕ fatal exception: main process: com.example.albert.betterapp, pid: 26074 java.lang.runtimeexception: unable start activity componentinfo{com.example.albert.betterapp/com.example.albert.betterapp.displayallbets}: java.lang.nullpointerexception @ android.app.activitythread.performlaunchactivity(activitythread.java:2292) @ android.app.activitythread.handlelaunchactivity(activitythread.java:2350) @ android.app.activitythread.acce...
Read more