
I'm assuming that even with PIE, the relative positioning of the statically linked libraries is constant. That means you only need a single address leak to be able to ROP to anywhere.


That's how I understand it as well (it's a single rel/ro segment). But then again, in most cases you only need any address anyway. ROP gadgets are everywhere...



