Refactor how ASLR is supported in rizin.

rizinorg · Feb 10, 2024 · c71b76c · c71b76c
1 parent 8e4faa3
commit c71b76c
Show file tree

Hide file tree

Showing 3 changed files with 163 additions and 134 deletions.
diff --git a/librz/include/rz_util/rz_sys.h b/librz/include/rz_util/rz_sys.h
@@ -106,7 +106,7 @@ RZ_API int rz_sys_clearenv(void);
 RZ_API char *rz_sys_whoami(char *buf);
 RZ_API char *rz_sys_getdir(void);
 RZ_API bool rz_sys_chdir(RZ_NONNULL const char *s);
-RZ_API bool rz_sys_aslr(int val);
+RZ_API bool rz_sys_aslr(bool enable);
 RZ_API void *rz_sys_dlopen(RZ_NULLABLE const char *libname);
 RZ_API void *rz_sys_dlsym(void *handler, const char *name);
 RZ_API int rz_sys_dlclose(void *handler);

diff --git a/librz/socket/run.c b/librz/socket/run.c
@@ -49,17 +49,8 @@
 #include <errno.h>
 #if defined(__sun)
 #include <sys/filio.h>
-#endif
-#if __linux__ && !__ANDROID__
-#include <sys/personality.h>
-#endif
-#if defined(__FreeBSD__) || defined(__DragonFly__)
-#if HAVE_DECL_PROCCTL_ASLR_CTL
-#include <sys/procctl.h>
-#endif
-#include <sys/sysctl.h>
-#endif
-#endif
+#endif /* __sun */
+#endif /* __UNIX__ */
 #ifdef _MSC_VER
 #include <direct.h> // to compile chdir in msvc windows
 #include <process.h> // to compile execv in msvc windows
@@ -292,44 +283,6 @@ static bool parse_bool(const char *value) {
 		!rz_str_casecmp(value, "1");
 }
 
-// TODO: move into rz_util? rz_run_... ? with the rest of funcs?
-static void setASLR(RzRunProfile *r, int enabled) {
-#if __linux__
-	rz_sys_aslr(enabled);
-#if HAVE_DECL_ADDR_NO_RANDOMIZE && !__ANDROID__
-	if (personality(ADDR_NO_RANDOMIZE) == -1) {
-#endif
-		rz_sys_aslr(0);
-#if HAVE_DECL_ADDR_NO_RANDOMIZE && !__ANDROID__
-	}
-#endif
-#elif __APPLE__
-	// TOO OLD setenv ("DYLD_NO_PIE", "1", 1);
-	// disable this because its
-	const char *argv0 = r->_system ? r->_system
-		: r->_program          ? r->_program
-		: r->_args[0]          ? r->_args[0]
-				       : "/path/to/exec";
-	RZ_LOG_WARN("rz-run: to disable aslr patch mach0.hdr.flags with:\n"
-		    "rizin -qwnc 'wx 000000 @ 0x18' %s\n",
-		argv0);
-	// f MH_PIE=0x00200000; wB-MH_PIE @ 24\n");
-	// for osxver>=10.7
-	// "unset the MH_PIE bit in an already linked executable" with --no-pie flag of the script
-	// the right way is to disable the aslr bit in the spawn call
-#elif __FreeBSD__ || __NetBSD__ || __DragonFly__
-	rz_sys_aslr(enabled);
-#if HAVE_DECL_PROCCTL_ASLR_CTL
-	int disabled = PROC_ASLR_FORCE_DISABLE;
-	if (procctl(P_PID, getpid(), PROC_ASLR_CTL, &disabled) == -1) {
-		rz_sys_aslr(0);
-	}
-#endif
-#else
-	// not supported for this platform
-#endif
-}
-
 #if __APPLE__
 #else
 #if HAVE_OPENPTY && HAVE_FORKPTY && HAVE_LOGIN_TTY
@@ -906,7 +859,7 @@ RZ_API int rz_run_config_env(RzRunProfile *p) {
 		return 1;
 	}
 	if (p->_aslr != -1) {
-		setASLR(p, p->_aslr);
+		rz_sys_aslr(p->_aslr);
 	}
 #if __UNIX__
 	set_limit(p->_docore, RLIMIT_CORE, RLIM_INFINITY);
@@ -1166,11 +1119,13 @@ RZ_API int rz_run_start(RzRunProfile *p) {
 	posix_spawnattr_init(&attr);
 	if (p->_args[0]) {
 		char **envp = rz_sys_get_environ();
-		ut32 spflags = 0; // POSIX_SPAWN_START_SUSPENDED;
-		spflags |= POSIX_SPAWN_SETEXEC;
-		if (p->_aslr == 0) {
+		short spflags = POSIX_SPAWN_SETEXEC;
+
+		// https://opensource.apple.com/source/gdb/gdb-2831/src/gdb/macosx/macosx-nat-inferior.c.auto.html
+		if (p->_aslr != -1 && p->_aslr) {
 #define _POSIX_SPAWN_DISABLE_ASLR 0x0100
 			spflags |= _POSIX_SPAWN_DISABLE_ASLR;
+#undef _POSIX_SPAWN_DISABLE_ASLR
 		}
 		(void)posix_spawnattr_setflags(&attr, spflags);
 		if (p->_bits) {
@@ -1187,14 +1142,9 @@ RZ_API int rz_run_start(RzRunProfile *p) {
 			posix_spawnattr_setbinpref_np(
 				&attr, 1, &cpu, &copied);
 		}
-		ret = posix_spawnp(&pid, p->_args[0],
-			NULL, &attr, p->_args, envp);
-		switch (ret) {
-		case 0:
-			break;
-		default:
+		ret = posix_spawnp(&pid, p->_args[0], NULL, &attr, p->_args, envp);
+		if (ret) {
 			RZ_LOG_ERROR("rz-run: posix_spawnp: %s\n", strerror(ret));
-			break;
 		}
 		exit(ret);
 	}