Demonstration
The following program is compiled with gcc -Wall ASLR.c -o ASLR:
#include <stdio.h>
int main() {
printf("Address of main is %p\n", main);
}
The program is then executed 10 times. Each time, the address of main is reported to be at a different location in memory:
$ for i in {1..10}; do ./ASLR; done
Address of main is 0x555d08b00135
Address of main is 0x56469ffe6135
Address of main is 0x56214a129135
Address of main is 0x558ebecef135
Address of main is 0x555c43d0d135
Address of main is 0x559a4be99135
Address of main is 0x55b914784135
Address of main is 0x5610c9c50135
Address of main is 0x561585df7135
Address of main is 0x557ab9eb5135
Note that the last three 24 bits (hex 0x135) are always the same.
Disable randomization
$ sudo 'sh -c "echo 0 > /proc/sys/kernel/randomize_va_space"'
Execute the same loop again:
$ for i in {1..10}; do ./ASLR; done
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Address of main is 0x555555555135
Restore address randomization:
$ sudo sh -c "echo 2 > /proc/sys/kernel/randomize_va_space"