[MPlayer-dev-eng] Re: amd64 -sws 0 fix (iow: playing with NX bit)

Aurelien Jacobs aurel at gnuage.org
Mon Jan 24 15:36:29 CET 2005


On Mon, 24 Jan 2005 10:49:14 +0100
Jindrich Makovicka <makovick at kmlinux.fjfi.cvut.cz> wrote:

> Aurelien Jacobs wrote:
> > On Fri, 21 Jan 2005 21:40:34 +0100
> > Alex Beregszaszi <alex at fsn.hu> wrote:
> > 
> > 
> >>Hi,
> >>
> >>
> >>>>trivial diff to disable NX bit via mprotect().
> >>>
> >>>Very nice ! That's exactly what I was looking for.
> >>>But your code has a small problem. The pointer you pass to mprotect
> >>>is not aligned on a PAGESIZE (which is required by mprotect).
> >>
> >>What about aligning the funnycode stuff ? so no non-appropriate part of
> >>the memory would be set to exec enable
> > 
> > 
> > Right ! That would be more secure.
> > I first wanted to achieve this trivially by using
> > __attribute__((aligned(PAGESIZE))) but it seems that the linker doesn't
> > accept too high alignment values.
> > So I finally used a memalign() block to store the funny code.
> > This patch is now better.
> > 
> > Aurel
> > +#define MAX_FUNNY_CODE_SIZE 10000
> 
> Shouldn't it be also a multiple of the pagesize? Otherwise some memory 
> could be later malloc'd after the funnycode, which will be executable 
> too. I didn't see anything about aligning the allocated size in memalign(3).

Ok, I don't know if malloc will use a memory area which is marked as
PROT_EXEC but to be completely safe, here is a new version of the patch.

Aurel
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mprotect3.diff
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20050124/1b0e9412/attachment.asc>
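
The point raised in this thread (a page-aligned start and a page-multiple length for the region handed to mprotect()), as an added example that is neither the attached mprotect3.diff nor MPlayer code. The names `code_region`, `round_up_to_page`, `code_region_alloc` and `code_region_protect` are hypothetical, and posix_memalign() stands in for the memalign() call mentioned above.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L  /* posix_memalign, sysconf */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

#define MAX_FUNNY_CODE_SIZE 10000  /* value quoted in the thread */

struct code_region { void *base; size_t len; };  /* hypothetical helper type */

/* Round n up to the next multiple of page. */
static size_t round_up_to_page(size_t n, size_t page)
{
    return (n + page - 1) / page * page;
}

/* Allocate a buffer that starts on a page boundary and spans whole pages,
 * so a later mprotect() covers the code and nothing else. */
static int code_region_alloc(struct code_region *r, size_t want)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0)
        return -1;
    r->len = round_up_to_page(want, (size_t)page);
    r->base = NULL;
    return posix_memalign(&r->base, (size_t)page, r->len) == 0 ? 0 : -1;
}

/* Apply prot to exactly the pages owned by the region. */
static int code_region_protect(const struct code_region *r, int prot)
{
    return mprotect(r->base, r->len, prot);
}

int main(void)
{
    struct code_region r;
    if (code_region_alloc(&r, MAX_FUNNY_CODE_SIZE) != 0)
        return 1;
    printf("base=%p len=%zu\n", r.base, r.len);
    if (code_region_protect(&r, PROT_READ | PROT_WRITE | PROT_EXEC) != 0)
        perror("mprotect");
    /* Drop PROT_EXEC before free() so the allocator never hands out executable pages. */
    code_region_protect(&r, PROT_READ | PROT_WRITE);
    free(r.base);
    return 0;
}
```

With 4096-byte pages the 10000-byte request becomes a 12288-byte region, so no unrelated heap data shares a page that is made executable.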

