I read a tutorial where they compiled with the -no-pie option. Is it because the .text segment will be loaded at a random address, therefore making the address of gadgets founds inside it useless ?
Add a comment |
1 Answer
The PIE abbreviation means "Position Independent Executable". Such an executable may ask or not ask the OS for the Address Space Layout Randomization (ASLR), when the OS loader loads the binary and dependencies into a random location of virtual memory.
ASLR itself, not PIE, protects executable from specific malware (which rely on fixed virtual address of a particular code and tries changing it in an already running program). Asking for ASLR is another flag beside the PIE flag.
The -no-pie option of the GCC compiler means "no PIE" - it's only one bit in the executable header, signaling the loader that the code is position-dependent. (The loader will then load the code always into the same, fixed virtual memory location indicated in the executable's header.)