1

I understand the purpose and function of ASLR, and have disabled it for a few applications to exploit possible vulnerabilities, but is exploiting vulnerabilities in memory the only purpose of disabling it? For example, are there any applications whose functionality depends on constant memory layout?

neutron02
  • 47
  • 9
  • 1
    There could be such applications. But we'd better stay away from them. – Eugene Sh. Jun 01 '22 at 17:41
  • 3
    It might be useful when debugging. Similarly commenting out `srand`, to obtain repeatable values. – Weather Vane Jun 01 '22 at 17:48
  • 1
    One possible (though likely poorly advised) possibility would be a program that needs to ensure that as much of the address space as possible is unused after program launch because it then performs its own address-space allocation and the larger the potential block the better. This would be more likely in a 32-bit process than 64-bit. – SoronelHaetir Jun 01 '22 at 17:53
  • 2
    To expand on the debugging angle: Say we have a program that crashes at some point and there is some bad/wrong value at a given memory address X. We get the address X from a debugger traceback. We want to rerun the program with a debugger watchpoint on that address. Normally, if we had a pointer iterating over a buffer, we'd do (e.g.) `watch *ptr`. But, if the program is complex, we may need to do (e.g.) `watch 0x100037F0`. This only works with ASLR off. – Craig Estey Jun 01 '22 at 18:12
  • Backward compatibility? Legacy software, written prior to the introduction of ASLR, may become unstable under ASLR, either due to sloppy coding, or due to an obscure bug. Developers may prefer to fix the offending code, but budget holders may decide otherwise. – Ruud Helderman Jun 01 '22 at 18:35
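
The debugging point raised in the comments, as an added example that is not part of the original thread: a fixed-address watchpoint is only meaningful if two runs of the same program get the same layout. The sketch below assumes Linux with `/proc` mounted and `cat` on `PATH`; the function names `child_stack_base` and `layout_is_stable` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/personality.h>
#include <sys/wait.h>

/* Start of the [stack] mapping of a freshly exec'ed `cat`, or 0 if it cannot be
   measured. With no_aslr set the child first requests ADDR_NO_RANDOMIZE, the
   per-process flag that gdb and `setarch -R` use. */
static unsigned long child_stack_base(int no_aslr)
{
    int fds[2];
    if (pipe(fds) != 0) return 0;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return 0; }
    if (pid == 0) {
        int cur = no_aslr ? personality(0xffffffff) : 0;   /* query only */
        if (no_aslr && (cur == -1 || personality(cur | ADDR_NO_RANDOMIZE) == -1))
            _exit(126);                   /* e.g. blocked by a seccomp filter */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        execlp("cat", "cat", "/proc/self/maps", (char *)NULL);
        _exit(127);
    }
    close(fds[1]);
    char buf[16384]; size_t len = 0; ssize_t n;
    while (len < sizeof buf - 1 && (n = read(fds[0], buf + len, sizeof buf - 1 - len)) > 0)
        len += (size_t)n;
    buf[len] = '\0';
    close(fds[0]);
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) return 0;
    char *tag = strstr(buf, "[stack]");
    if (!tag) return 0;
    while (tag > buf && tag[-1] != '\n') tag--;       /* back to line start */
    return strtoul(tag, NULL, 16);
}

/* 1: two runs got the same stack base; 0: they differ; -1: not measurable. */
int layout_is_stable(int no_aslr)
{
    unsigned long a = child_stack_base(no_aslr), b = child_stack_base(no_aslr);
    return (a == 0 || b == 0) ? -1 : (a == b);
}

int main(void)
{
    printf("default: stable=%d, ADDR_NO_RANDOMIZE: stable=%d\n", layout_is_stable(0), layout_is_stable(1));
    return 0;
}
```

The flag is set only in the child that is about to be exec'ed, so the system-wide ASLR setting is left untouched.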

0 Answers