user1094822
Reputation: 35
How to mprotect() existing address to enable PROT_WRITE without using mmap()? (is it even possible)?
#define base_address 0x00005555555551e7
I know that the literal base_addresscan be read and written but I can only do that using gdb, for example, if base_address is stored in rax
mov $0x00005555555551e7, %rax
mov (%rax), -0xc(%rbp)
mov -0xc(%rbp), %eax
so the value of eax is zero, however in gdb:
(gdb) set {int}$rax = 1
it sets the value of *0x00005555555551e7 to 1. However doing that in C;
int *addr = (int*)0x00005555555551e7;
*addr = 1; //SIGSEGV permission denied of writing
So I'm trying mprotect():
int ret = mprotect(addr, sizeof(int), PROT_READ|PROT_WRITE);
But the status of ret is -1 if I do so.
In the manual of mprotect(), it says
addr must be aligned to a page boundary.
so I found this post to align it to page boundary (using the power of 2 page value)
int i_addr = (base_address + ((1<<12) - 1)) & ~((1<<12) -1);
int *addr = (int*)i_addr;
int ret = mprotect(addr, sizeof(int), PROT_READ|PROT_WRITE);
assert(ret==0);
but this time too, the status of ret is -1. I'm lost now, I don't know what to do.
Upvotes: 0
Views: 394
Answers (0)
Related Questions
- Alternatives to mprotect()
- mprotect on a mmap-ed shared memory segment
- How to mprotect the data section?
- Calling mmap from specific address
- mprotect PROT_EXEC on noexec partition
- Linux writing jump to protect memory using mprotect
- mprotect on heap aligned memory works mysteriously
- C - Is it possible to mprotect something less than a page
- Protect the whole address space using mprotect
- Behaviour of PROT_READ and PROT_WRITE with mprotect