Visual Studio 2005 SP1 Beta, Windows Vista and ASLR
Today the Visual Studio 2005 team released Service Pack 1 Beta. Included in the beta is the new linker that supports Address Space Layout Randomization on Windows Vista. You can get the update from the Microsoft Connect Site.
By default on Windows Vista system components are loaded at random locations, but with this new linker update Windows Vista will load your code at a random base address, all you need to do is use the new /dynamicbase linker option.
Here's how to use it.
- Load your C/C++ project.
- Open Solution Explorer (if it's not already opened)
- Right-click the Project name
- Click Properties
- Click the '+' symbol next to Linker
- Click Command Line
- In the Additional options pane type /dynamicbase
Voila!
You can verify your application loaded at a random address by loading the application under a debugger such as kd or windbg and looking at the base address as the process loads. On my computer, a little application I wrote to determine the address of various components within Windows Vista loaded at the following addresses on three separate reboots.
ModLoad: 00b00000 00b1b000 C:\test\CheckASLR\debug\CheckASLR.exe
ModLoad: 008c0000 008db000 C:\test\CheckASLR\debug\CheckASLR.exe
ModLoad: 01250000 0126b000 C:\test\CheckASLR\debug\CheckASLR.exe