How does Apple work in ASLR implementation?

According to ASLR (address space layout randomization), it provides random stack and heap allocations and page loading each time the process starts, and randomizes the address where objects are placed in the virtual address space of the given process.

But in my application running on iOS, I create an object called ObjectA, and after several reboots of the process I found that the address of ObjectA is still not randomized.

How does Apple work in ASLR implementation? Why is the ObjectA address the same?

2 answers

What do you mean by "multiple reboots"? You must explicitly close the application; due to multitasking, you may be opening the same process again.

e.g. this is one of my applications that prints out the address of an instance of UIViewController; as you can see, the address of the object is different in each execution.

First run: <DCViewController: 0x13d4a0>
Second run: <DCViewController: 0x2880f0>
Third run: <DCViewController: 0x2a2050>

(I don't think this is the cause, but Xcode has the option to enable PIE (Position Independent Executable) in the "Build Settings" section; it's called "Do not Create Position Independent Executables". You can easily find it, just type "pie" in the search field. This parameter must be set to No.)

EDIT:

In addition, Xcode will only make PIE binaries if the deployment target is >= 4.3.

Hope this helps =)

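An added check that is not part of the answer above and not Apple's tooling: it parses object descriptions of the form shown above (captured from separate launches) and reports whether the object actually landed at a different address each time. The `main` just prints this process's own stack, heap and code addresses so you can repeat the same experiment with a native binary; the helper names are my own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>

/* Parse the "0x..." address out of a description line such as
 * "<DCViewController: 0x13d4a0>". Returns 0 if no address is found. */
uintptr_t parse_object_address(const char *line)
{
    const char *p = strstr(line, "0x");
    if (p == NULL)
        return 0;
    return (uintptr_t)strtoull(p, NULL, 16);
}

/* Given description lines captured from n separate launches, return 1 if
 * the object landed at a different address every time, or 0 if any two
 * launches reported the same address. Identical addresses are what you
 * see when the process was only backgrounded rather than killed, or when
 * the binary was built without PIE so its image base never moves. */
int addresses_all_distinct(const char *const *lines, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uintptr_t a = parse_object_address(lines[i]);
        for (size_t j = i + 1; j < n; j++) {
            if (a == parse_object_address(lines[j]))
                return 0;
        }
    }
    return 1;
}

/* Stand-alone demo: print where this process's stack, heap and code landed.
 * Launch it several times (new process each time) and feed the lines to
 * addresses_all_distinct(); with ASLR active, and PIE for the code
 * address, they change between launches. */
int main(void)
{
    int stack_var = 0;
    void *heap_obj = malloc(16);
    printf("<stack: %p>\n<heap: %p>\n<code: %p>\n",
           (void *)&stack_var, heap_obj, (void *)&main);
    free(heap_obj);
    return 0;
}
```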

For completeness, the guy who did the work to answer this question was Dino Call in Apple iOS 4 security rating. My apologies if someone else posted before Dino (I don't know about that work or about you).

Zovi published his materials long before Apple published iOS Security. Dino's work is even more complete.
