9

Let's say I have included a binary in my program during compilation, so I keep it in a variable, something like `var myExec = []byte{'s','o','m','e',' ','b','y','t','e','s'}`. So my question is whether there is a way to execute this binary within my program without writing it back to the disk and calling exec or fork on it. I am writing my app in Golang, so the method I am looking for would do it using Go or C (using CGO).

Basically, I am looking for something like piping a bash script into bash; I just don't know where I can pipe the bytes of a native executable to run it, and writing it back to disk and then letting the OS read it again seems like a lot of extra work.

nikoss
  • 2
    How did you get into the situation of having an executable binary that's not stored on disk? Just asking because I *think* there might be a better way to solve the original issue... –  Jun 20 '17 at 13:48
  • This is just a hypothetical issue. I am planning to make an app that will need this sort of information. Basically, I can pack some tools with my app and run them as needed from the dashboard of my app without writing them to the disk, and when I am done no temp files will be on the disk, all in memory. @FelixPalmen – nikoss Jun 20 '17 at 13:52
  • I don't think you should do this. E.g. on a linux system, you would just create a package that installs these tools to `$(prefix)/lib/$(package)/` or `$(prefix)/libexec/$(package)/`. On windows, they would go somewhere inside your program directory. –  Jun 20 '17 at 13:56
  • "pack some tools"? As in precompiled programs? Forget it. It's not very hard to execute arbitrary pieces of code by changing memory protection on a region. It's a completely different beast to properly parse a program, correctly load it into memory at the right offsets, set up the stack correctly for execution. Half of the things you'd need to implement here aren't even properly documented. Even if it was a statically linked PIE binary, it's still a lot of work. Your best bet is to make the "apps" part of your main program and call them as normal functions. – Art Jun 20 '17 at 14:07
  • Well, the point is that I don't have access to the source code of all the pieces, so I thought it could be nice to just run them inlined, but what I understand from your comment is that it is simpler to write them to the tmp folder and let the OS execute them as needed. – nikoss Jun 20 '17 at 14:32
  • One solution could be to partition a RAMDisk and then read and write the executable to RAMDisk. – Gillespie Jun 20 '17 at 15:18
  • 1
    This is a possible duplicate of these questions: https://stackoverflow.com/questions/3553875/load-an-exe-file-and-run-it-from-memory and https://stackoverflow.com/questions/305203/createprocess-from-memory-buffer. Also, I don't understand why you accepted an answer that does not even nearly answer your question. – berserkk Jun 20 '17 at 18:37

1 Answer

5

In C and assuming Linux, you can change the protection of a memory region by means of the mprotect() system call, so that it can be executed (i.e.: turn a data region into a code region). After that, you could execute that region of memory by jumping into it.

JFMR
  • That's only the easy part. What about relocation and loading of external components such as .so files? – Jabberwocky Jun 20 '17 at 13:21
  • Adding a small piece of code would be nice to help me understand. What I understand from the man page below https://ws1.sinaimg.cn/large/006tKfTcgy1fgrzfy90qtj31260qemyr.jpg is that I need to pass the address, length and PROT_EXEC, but there is still a problem: in order to get the memory address I need to use unsafe pointers and malloc it myself, since in Go, afaik, there is no way to deal with addresses manually. And let's assume I have done that, how can I actually execute the bytes? That's the challenge: how to jump there, as you say. @neroku – nikoss Jun 20 '17 at 13:26
  • @MichaelWalz that's not really an issue if your binary is written in pure Go: since it is statically linked, all it needs is itself – nikoss Jun 20 '17 at 13:27
  • 1
    @nikoss you can start executing the code in C by means of a function pointer: by setting the pointer to the address where the code is located and performing the call – JFMR Jun 20 '17 at 14:00
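
The mprotect() step from the answer together with the function-pointer call from JFMR's comment, as an added example that is not part of the original thread. The `stub` bytes are a constructed sample (raw, position-independent machine code for "return 42" on x86-64 or aarch64) and `run_in_memory` / `run_sample` are hypothetical names; this only works for self-contained code like the stub, not for a complete executable file, which still needs the loading and relocation work raised in the comments.

```c
#define _DEFAULT_SOURCE               /* exposes MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed sample: position-independent machine code for "return 42". */
#if defined(__x86_64__)
static const unsigned char stub[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 }; /* mov eax,42; ret */
#elif defined(__aarch64__)
static const unsigned char stub[] = { 0x40, 0x05, 0x80, 0x52,   /* mov w0, #42 */
                                      0xc0, 0x03, 0x5f, 0xd6 }; /* ret */
#else
#error "the sample stub is only provided for x86-64 and aarch64"
#endif

/* Copy code into fresh pages, switch them from read/write to read/execute,
 * then call it. Returns the code's return value, or -1 if a step fails. */
int run_in_memory(const unsigned char *code, size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t size = (len + page - 1) / page * page;  /* protections apply per page */

    /* Never writable and executable at once: writable only while loading. */
    void *mem = mmap(NULL, size, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED)
        return -1;
    memcpy(mem, code, len);

    /* Turn the data region into a code region; a W^X policy may refuse this. */
    if (mprotect(mem, size, PROT_READ | PROT_EXEC) != 0) {
        munmap(mem, size);
        return -1;
    }
    __builtin___clear_cache((char *)mem, (char *)mem + len); /* needed on ARM */

    /* Point a function pointer at the region and perform the call. */
    int (*fn)(void) = (int (*)(void))mem;
    int result = fn();
    munmap(mem, size);
    return result;
}

int run_sample(void) { return run_in_memory(stub, sizeof stub); }

int main(void) { printf("stub returned %d\n", run_sample()); return 0; }
```

Hardened systems can refuse the mprotect() call (SELinux's execmem permission is one such control), which is why its return value is checked rather than assumed.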