| From: | "Joel Mariadasan (jomariad)" <jomariad(at)cisco(dot)com> |
|---|---|
| To: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | ASLR support for Postgres12 |
| Date: | 2020-03-23 03:27:42 |
| Message-ID: | BN6PR11MB417838276FE033D89F36DBF9D7F00@BN6PR11MB4178.namprd11.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi All,
We found that Postgres12 doesn't support ASLR. Attached the process explorer screenshot (Process_Explorer_ASLR.png).
Analyzing dumpbin headers of postgres looks like the /HIGHENTROPYVA flag set and not the /DYNAMICBASE flag(dumpbin_headers.txt). According to this link<https://github.com/MicrosoftDocs/cpp-docs/issues/282>, resulting image will not have ASLR enabled.
Windows has a feature to force randomization of images (Mandatory ASLR for those images which have not been compiled with /DYNAMICBASE).
Enabling this also didn't have any effect.
The base addresses of postgres in Process Explorer doesn't change upon restart (Postgres_Imagebase.png).
We would like to know if there is a roadmap to enable ASLR support for postgre.
Let us know if you need more information.
Regards,
Joel
| Attachment | Content-Type | Size |
|---|---|---|
| Process_Explorer_ASLR.png | image/png | 258.4 KB |
| Mandatory_ASLR.png | image/png | 457.9 KB |
| dumpbin_headers.txt | text/plain | 5.4 KB |
| Postgres_Imagebase.png | image/png | 265.3 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2020-03-23 03:58:04 | Re: Refactor compile-time assertion checks for C/C++ |
| Previous Message | Amit Kapila | 2020-03-23 02:52:00 | Re: [PATCH] Add schema and table names to partition error |
