Find the answer to your Linux question:
Results 1 to 6 of 6
Hi! Could anybody answer me why auxiliary vector has different size from call to call of any executable? (glibc 2.7, Linux 2.6.2 example: Code: #include <stdio.h> #include <elf.h> main(int argc, ...
  1. 06-22-2009 #1
    korisk
    korisk is offline
    Just Joined!
    Join Date
    Nov 2008
    Posts
    15

    [SOLVED] Strange length of auxiliary vector of executable file

    Hi!

    Could anybody answer me why auxiliary vector has different size from call to call of any executable?
    (glibc 2.7, Linux 2.6.2

    example:
    Code:
    #include <stdio.h>
#include <elf.h>

main(int argc, char* argv[], char* envp[]){
Elf32_auxv_t *auxv;
while(*envp++ != NULL); /*from stack diagram above: *envp = NULL marks end of envp*/
            
        for (auxv = (Elf32_auxv_t *)envp; auxv->a_type != AT_NULL; auxv++)
        /* auxv->a_type = AT_NULL marks the end of auxv */
        {
//              ddif( auxv->a_type == AT_SYSINFO)
                printf("addr: %x type: %x is: 0x%x\n", (int)auxv, auxv->a_type, auxv->a_un.a_val);
        }
printf("\n (int)argv[0] - addr = %x - %x = %x\n",(int)argv[0], (int)auxv, (int)argv[0] - (int)auxv);
}
  2. 06-23-2009 #2
    cgrebeld
    cgrebeld is offline
    Just Joined!
    Join Date
    Jun 2009
    Location
    Toronto
    Posts
    18
    Quote Originally Posted by korisk
    printf("\n (int)argv[0] - addr = %x - %x = %x\n",(int)argv[0], (int)auxv, (int)argv[0] - (int)auxv);
    There are a few things wrong here. You are subtracting the wrong way, so you will be getting a negative number. You are casting pointers to ints, which may not be the same size (64 bit system). You should cast the pointer difference to an int instead:
    Code:
    printf("\n addr - argv = %p - %p = %d\n",argv, auxv, (int)((char**)auxv - argv));
  3. 06-23-2009 #3
    korisk
    korisk is offline
    Just Joined!
    Join Date
    Nov 2008
    Posts
    15
    Quote Originally Posted by cgrebeld View Post
    There are a few things wrong here. You are subtracting the wrong way, so you will be getting a negative number. You are casting pointers to ints, which may not be the same size (64 bit system). You should cast the pointer difference to an int instead:
    Code:
    printf("\n addr - argv = %p - %p = %d\n",argv, auxv, (int)((char**)auxv - argv));
    ok, thank you for the answer, but it measures just sizefo(auxv[], env[] and argv[]).

    another example of mentioned phenomenon:
    Code:
    #include <stdio.h>
int main(int argc, char *argv[], char *env[]){
        char b = 1;
        register int c=0;
        register char *a = &b;
        while(1){
                *a++ = 1;
                printf("%x %x\n",(int)a,c++);
        }
        return 0;
}
    number of iterations is differ from load to load.
  4. 06-23-2009 #4
    cgrebeld
    cgrebeld is offline
    Just Joined!
    Join Date
    Jun 2009
    Location
    Toronto
    Posts
    18
    Ah, I though I was missing something... Seems like it might be a security feature?
  5. 06-23-2009 #5
    korisk
    korisk is offline
    Just Joined!
    Join Date
    Nov 2008
    Posts
    15
    i don't know, but it seems security is main goal of the behavior.
    it's cloudy.
  6. 06-24-2009 #6
    korisk
    korisk is offline
    Just Joined!
    Join Date
    Nov 2008
    Posts
    15
    Solved.
    Command
    sysctl -w kernel.randomize_va_space=0
    removes the phenomenon
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

...