0

When I run the following code:

#include <stdio.h>
#include <string.h>

char code[] = "\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05";

int main()
{
    printf("len:%d bytes\n", strlen(code));
    (*(void(*)()) code)();
    return 0;
}

Using the gcc compiler, I first simply compiled using

 gcc program.c -o program

When I ran that I got a Segmentation Fault. Next, I tried to compile using

gcc -fno-stack-protector -z execstack -o test test.c

That worked and I got the shell. What I am wondering is why I need to pass those commands while compiling for it to work. My goal is to make it work without having to pass those commands. How can I achieve that goal?

yasgur99
  • 756
  • 2
  • 11
  • 32
  • Does it work if you change it to `const char code[]`? – tangrs Jan 09 '16 at 02:01
  • ahh @tangrs that did the trick – yasgur99 Jan 09 '16 at 02:02
  • 1
    Related: [segmentation fault with .text .data and main (main in .data section)](https://stackoverflow.com/q/34350582) / [Unexpected exec permission from mmap when assembly files included in the project](https://stackoverflow.com/q/58260465) – Peter Cordes Sep 19 '20 at 22:33

1 Answers1

4

Writeable data in static storage (such as your code array) usually ends up in the .data section which is usually marked “not executable.” Mark the array as const so it ends up in .rodata resp. .text and can be executed.

fuz
  • 88,405
  • 25
  • 200
  • 352