
How ASLR randomizes address space in Linux


I'm trying to find out how ASLR in Linux works. I have written a simple C program like the one below:

#include <stdio.h>

void simple(void)
{
    printf("simple func\n");
}

int main(void)
{
    simple();

    /* Print where simple() was loaded; compare this value across runs. */
    printf("address is %p \n.", (void*)&simple);

    return 0;
}

In the above code, I simply print the address of the simple function, and in every execution of the above code I get the same address for it. But due to ASLR, I expect to get a random address for the simple function in each execution of the program. Am I wrong, and should ASLR not do this? Of course, when I run "ldd app.o" I get a random address each time for the different libraries.


Solution

  • Fedora/CentOS/Red Hat and presumably other distros are configured to build with -no-pie (Position Independent Executables) by default, which prevents ASLR of the executable itself.

    You can explicitly enable it with -pie:

    gcc -fPIE -pie app.c -o app && ./app
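
An added example, not part of the original question or answer: a small checker that reports whether the running binary was linked as a fixed-address executable (ET_EXEC) or as a PIE (ET_DYN), reads the kernel's ASLR setting, and prints one address from each memory region so the runs can be compared. The names elf_load_kind and aslr_mode are hypothetical helpers written for this illustration; it assumes Linux with /proc mounted and a dynamically linked libc.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { ELF_OTHER = -1, ELF_FIXED = 0, ELF_RANDOMIZABLE = 1 };

/* Classify an ELF header by e_type: ET_EXEC (2) is linked at a fixed
 * address; ET_DYN (3) is used by PIE executables and shared libraries,
 * whose load base the kernel can randomize. */
int elf_load_kind(const unsigned char *h, size_t len)
{
    if (len < 18 || memcmp(h, "\177ELF", 4) != 0)
        return ELF_OTHER;
    /* e_type: 16 bits at offset 16; EI_DATA (byte 5) == 2 means big-endian */
    unsigned type = (h[5] == 2) ? (unsigned)(h[16] << 8 | h[17])
                                : (unsigned)(h[17] << 8 | h[16]);
    return type == 3 ? ELF_RANDOMIZABLE : type == 2 ? ELF_FIXED : ELF_OTHER;
}

/* kernel.randomize_va_space: 0 = off, 1 = stack/mmap/libraries,
 * 2 = also the brk heap; returns -1 if the file cannot be read. */
int aslr_mode(const char *path)
{
    int mode = -1;
    FILE *f = fopen(path, "r");
    if (f && fscanf(f, "%d", &mode) != 1)
        mode = -1;
    if (f)
        fclose(f);
    return mode;
}

int main(void)
{
    unsigned char hdr[18] = {0};
    size_t n = 0;
    int local = 0;
    void *heap = malloc(16);
    FILE *f = fopen("/proc/self/exe", "rb");   /* this program's own ELF file */
    if (f) { n = fread(hdr, 1, sizeof hdr, f); fclose(f); }

    printf("randomize_va_space: %d\n", aslr_mode("/proc/sys/kernel/randomize_va_space"));
    printf("own e_type:         %s\n", elf_load_kind(hdr, n) == ELF_RANDOMIZABLE
           ? "ET_DYN (PIE)" : "ET_EXEC (fixed) or unreadable");
    printf("text  %p\n", (void *)&elf_load_kind);  /* moves only when PIE */
    printf("libc  %p\n", (void *)stdout);          /* FILE object in libc's data */
    printf("heap  %p\n", heap);
    printf("stack %p\n", (void *)&local);
    free(heap);
    return 0;
}
```

Build it once with -no-pie and once with -fPIE -pie and run each a few times: the libc and stack lines change in both builds, while the text line changes only in the PIE build.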