On 13 Apr 2006 at 14:46, Mivz wrote:

> Without enforcing ping works just fine:

this is good enough to tell the story.

> brk(0) = 0x8001e320

that address looks interesting, you'll see why.

> mprotect(0x80000000, 40960, PROT_READ|PROT_WRITE) = 0
> mprotect(0x80000000, 40960, PROT_READ|PROT_EXEC) = 0

and this is where the PROT_WRITE->PROT_EXEC transition happens, a strong indication of text relocations. comparing it to the above brk address, we can be quite sure that it is in fact the main application itself being subject to such torture (brk always follows the main app in memory). noting the unusual start address of the main app (it'd be 0x08048000 for ET_EXEC), we can conclude that your ping executable is a PIE that is not fully PIC. run scanelf -T on it to see where the problem is.

-- 
[email protected] mailing list
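The reasoning in the reply above, as an added example that is not part of the original message: a Python sketch that scans strace output for a region that mprotect makes writable and then executable, and checks whether the initial brk sits just past it (pointing at the main executable rather than a library). The function name, the 1 MiB `max_gap` threshold and the last sample line are assumptions made for this illustration.

```python
import re

MPROTECT = re.compile(r"mprotect\((0x[0-9a-f]+),\s*(\d+),\s*([A-Z_|]+)\)\s*=\s*0")
BRK = re.compile(r"brk\((?:0|NULL)\)\s*=\s*(0x[0-9a-f]+)")

# The first three lines are the calls quoted in the message; the last one is
# constructed to show a transition that must not be reported.
SAMPLE = [
    "brk(0) = 0x8001e320",
    "mprotect(0x80000000, 40960, PROT_READ|PROT_WRITE) = 0",
    "mprotect(0x80000000, 40960, PROT_READ|PROT_EXEC) = 0",
    "mprotect(0xb7f00000, 4096, PROT_READ) = 0",
]

def find_textrel_hints(strace_lines, max_gap=1 << 20):
    """Return (start, length, in_main_app) for each W -> X mprotect transition.

    in_main_app is True when the initial program break lies at or shortly
    after the end of the region, because brk follows the main executable in
    memory. max_gap is an assumed heuristic, not a kernel-defined value.
    """
    initial_brk = None
    made_writable = set()   # (start, length) regions currently W and not X
    findings = []
    for line in strace_lines:
        m = BRK.search(line)
        if m:
            if initial_brk is None:
                initial_brk = int(m.group(1), 16)
            continue
        m = MPROTECT.search(line)
        if not m:
            continue
        key = (int(m.group(1), 16), int(m.group(2)))
        prot = set(m.group(3).split("|"))
        if "PROT_WRITE" in prot and "PROT_EXEC" not in prot:
            made_writable.add(key)
        elif "PROT_EXEC" in prot and "PROT_WRITE" not in prot and key in made_writable:
            made_writable.discard(key)
            end = key[0] + key[1]
            near = initial_brk is not None and 0 <= initial_brk - end <= max_gap
            findings.append((key[0], key[1], near))
    return findings

if __name__ == "__main__":
    for start, length, in_main in find_textrel_hints(SAMPLE):
        where = "main executable" if in_main else "elsewhere (likely a library)"
        print(f"W->X transition at {start:#x}+{length}: {where}")
```

A hit only indicates text relocations; `scanelf -T` on the binary, as the reply suggests, is what confirms where they are.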
