Any way to disable Heap placement randomization (ASLR) for a single executable?

Posted: 05-11-2007, 06:45 PM
Greetings,

This is more of a programming question, and doesn't appear to quite
fit into this newsgroup. Please feel free to direct me to a more
appropriate forum (if one exists).

I have an application (compiler) which dumps its whole parse
tree into a file, and then re-loads it later (for precompiled
header processing), via MapViewOfFileEx().

Because the parse tree contains pointers, it must be re-loaded at
the same address it was when it was saved [1].

This works fine everywhere, but breaks on Vista(R) due to address
space layout randomization (ASLR).

I can try to map the file at the same address it was when it was
saved, but there is a chance that some DLL has already created a
Heap in that space, and then the mapping will fail.

Questions:
1. Is there any address range that is "safe" from ASLR placing a
Heap there? (I could then hard-code that address).
2. Is there any way to tell Vista that "this executable's address
space should not be randomized" ?
3. Any other way for an executable to "reserve" certain fixed
address region?

Thanks,


[1]. Yes, I know I can save the parse tree in an alternative format
(using offsets instead of pointers), and then I would not care what
the mapping address is. But this is significantly slower.

--
In order to understand recursion you must first understand recursion.
Remove /-nsp/ for email.

Responses to "Any way to disable Heap placement randomization (ASLR) for a single executable?"

Dave Wood [MS]
Re: Any way to disable Heap placement randomization (ASLR) for a single executable?
Posted: 05-12-2007, 12:19 AM
I don't think this is ever going to be reliable. Depending on what other
dlls are loaded into your process, what memory is allocated where etc. means
that you can't guarantee that the same virtual address range is available
all the time.

Almost universally data files are stored with offsets, not raw pointers. In
my experience the effect on performance is insignificant.

Dave Wood

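The offsets-instead-of-pointers format suggested in the reply above, as an added example (not code from any poster in this thread): child links are byte offsets from the image base, so the image can be loaded at whatever address is free and nothing depends on ASLR being off. The `Node`/`Image` layout, `HDR`, `MAX_DEPTH` and all function names are constructed for illustration, and a heap copy stands in for the file mapping.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define HDR 16u        /* reserved header, so offset 0 can mean "no child" */
#define MAX_DEPTH 64   /* bounds recursion if a corrupt file contains a cycle */
/* Constructed layout: child links are byte offsets from the image base. */
typedef struct { int32_t value; uint32_t left, right; } Node;
typedef struct { unsigned char *base; uint32_t used, cap; } Image;
/* Append a node to the image; returns its offset from base, or 0 if full. */
static uint32_t node_new(Image *im, int32_t v, uint32_t l, uint32_t r) {
    Node n = { v, l, r };
    if (im->cap - im->used < sizeof n) return 0;
    memcpy(im->base + im->used, &n, sizeof n);
    im->used += (uint32_t)sizeof n;
    return im->used - (uint32_t)sizeof n;
}

/* Sum the tree rooted at off. Every link is checked against the image size
   before use, because a saved file is untrusted input. 0 = ok, -1 = reject. */
static int tree_sum(const unsigned char *base, uint32_t size, uint32_t off,
                    int depth, long *sum) {
    Node n;
    if (off == 0) return 0;
    if (depth > MAX_DEPTH || off < HDR || off % 4 != 0 ||
        size < sizeof n || off > size - sizeof n) return -1;
    memcpy(&n, base + off, sizeof n);
    *sum += n.value;
    if (tree_sum(base, size, n.left, depth + 1, sum) != 0) return -1;
    return tree_sum(base, size, n.right, depth + 1, sum);
}

/* Build 7 -> (3, 5 -> (extra_link, none)), copy the image to another address
   (stand-in for mapping the file wherever the OS allows) and walk the copy. */
long relocated_sum(uint32_t extra_link) {
    unsigned char *a = calloc(1, 256), *b = malloc(256);
    Image im = { a, HDR, 256 };
    long sum = 0; int rc = -1;
    if (a && b) {
        uint32_t l = node_new(&im, 3, 0, 0);
        uint32_t r = node_new(&im, 5, extra_link, 0);
        uint32_t root = node_new(&im, 7, l, r);
        memcpy(b, a, im.used);     /* "save", then "load" at a new base */
        memset(a, 0xAA, 256);      /* stale pointers into a would now break */
        rc = tree_sum(b, im.used, root, 0, &sum);
    }
    free(a); free(b);
    return rc == 0 ? sum : -1;
}
int main(void) { return relocated_sum(0) == 15 ? 0 : 1; }
```

Passing a nonzero `extra_link` plants an out-of-range, misaligned or cyclic link in the image, which the loader rejects instead of dereferencing.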
Rick Rogers
Re: Any way to disable Heap placement randomization (ASLR) for a single executable?
Posted: 05-12-2007, 01:37 AM
Hi Paul,

> This is more of a programming question, and doesn't appear to quite
> fit into this newsgroup.

You're quite correct. This would be more appropriate in a group designed for
the programming language you are using. These groups are for user shell
questions targeting general use, not in-depth programming.

> Please feel free to direct me to a more appropriate forum (if one exists).

You'll find a lot of language groups by pointing your newsreader to the
server farm at news://msnews.microsoft.com

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Windows help - www.rickrogers.org
My thoughts http://rick-mvp.blogspot.com

Joe Guidera
Re: Any way to disable Heap placement randomization (ASLR) for a single executable?
Posted: 05-12-2007, 05:26 PM
You might post this in one of the developer forums, however does disabling
DEP for that specific executable not work?

J

Paul Pluzhnikov
Re: Any way to disable Heap placement randomization (ASLR) for a single executable?
Posted: 05-14-2007, 04:43 PM
Joe Guidera wrote:

> You might post this in one of the developer forums, however does
> disabling DEP for that specific executable not work?

The current (default) settings are "Turn on DEP for essential
Windows programs and services only", so I assume my executable
already does not have DEP turned on.

Rick Rogers wrote:

> This would be more appropriate in a group designed
> for the programming language you are using.

The question has nothing to do with any language; it's a
Vista setup / Win32 API question.

I'll repeat my question in microsoft.public.win32.programmer.kernel,
which appears to be filled with similar questions (even though
this has little to do with kernel programming).

Thanks to all who responded.

--
In order to understand recursion you must first understand recursion.
Remove /-nsp/ for email.
 