X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-3.1 required=5.0 	tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: sourceware.org
Message-ID: <4A2BB5BB.4000402@cwilson.fastmail.fm>
Date: Sun, 07 Jun 2009 08:42:35 -0400
From: Charles Wilson <cygwin AT cwilson DOT fastmail DOT fm>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.21) Gecko/20090302 Thunderbird/2.0.0.21 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: ASLR sometimes stops working on Vista with 1.7? [was: Re:  Cygwin      1.7  release (was ...)]
References: <1244131746 DOT 30024 DOT 1318796263 AT webmail DOT messagingengine DOT com> <4A282063 DOT 9030804 AT users DOT sourceforge DOT net> <4A286B99 DOT 6020702 AT users DOT sourceforge DOT net> <20090605120936 DOT GD23519 AT calimero DOT vinschen DOT de> <4A293237 DOT 2010102 AT cwilson DOT fastmail DOT fm> <20090605163510 DOT GF23519 AT calimero DOT vinschen DOT de> <4A296778 DOT 2080507 AT cwilson DOT fastmail DOT fm> <20090605213012 DOT GG23519 AT calimero DOT vinschen DOT de> <4A29B510 DOT 3020601 AT gmail DOT com> <20090606084924 DOT GI23519 AT calimero DOT vinschen DOT de> <20090607082308 DOT GA25832 AT calimero DOT vinschen DOT de>
In-Reply-To: <20090607082308.GA25832@calimero.vinschen.de>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Corinna Vinschen wrote:
> The structure is allocated right after the space occupied by the DLL
> itself, using VirtualAlloc.  I changed the struct layout so that the
> size depends on the length of the pathname to the DLL.  In most, if not
> all cases this will fit into a single 4K page.
...
> However, in most cases the DLL itself will not occupy the
> entire 64K slot, but one or more 4K pages are left free, which will
> never be used while the application is running.

So, while the following are probably not practical concerns, there are
still a few failure modes, correct?

1) if the ImageSize of the DLL is between N*64k-4k+1 and N*64k, the next
4k page allocated for the struct will again clobber the next DLL's ImageBase

2) if the length of the actual pathname to the DLL is more than 2k wide
characters (e.g. 4k bytes) then issue #1 is made increasingly likely,
because the "dangerous DLL size" becomes N*64k-M*4k+1 .. N*64k, with
1<M<=16.  Once the pathname to the DLL gets to be near 32k wide chars
(e.g. M=16, for 64k bytes in the struct) then the new solution devolves
to the status quo ante.

3) This new solution can never work properly for WOW64

However, for all *three* issues, the workaround exists to simply rebase
with -o 0x20000. [*] I think this issue should go in the 1.7 FAQ --
along with a mention of the three remaining failure modes and the brute
force 0x20000 workaround.

[*] This still doesn't ALWAYS solve the theoretical problem, but should
be a decent practical workaround, even for 1), 2) and 3), even if you're
already so unlucky that Corinna's new solution doesn't work for you.
First, 0x20000 only helps for very small DLLs -- fortunately, they cause
this problem most often. Second, the struct, if it needs to contain an
entire 64k byte (32k word) path, then it needs/uses slightly more than
64k bytes itself -- so you need to bump 0x20000 up another 64k.  But
this would almost never happen, and the cost is prohibitive: all tiny
DLLs now take up almost 3x as much memory -- 192k vs. < 64k -- as they
ordinarily would.  As Yaakov showed, this almost guarantees that you'd
run out of acceptable rebase addresses.

> I tested this change on XP 32 bit, 2K8 32 bit, W7 32 bit, and W7 64 bit,
> by running `cygport automake1.11 compile' and a subsequent `make check',
> which uses perl (and thus run-time loaded DLLs) a lot.

Hallelujah!

--
Chuck

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/