IMPLEMENT_RANDOMIZE_STACK

Open DavidBurkett opened this issue 5 years ago • 2 comments

I was hoping to see your thoughts on IMPLEMENT_RANDOMIZE_STACK when you documented ThreadOpenConnections, but I saw it was glossed over. It's always been something that bothered me for some reason.

  1. Why not just use built-in ASLR? Pretty sure VS and mingw supported it.
  2. How does it actually work? It doesn't seem like it should, but I'm a bit of a simpleton.
  3. Have you ever seen anyone do anything similar? I've looked at a lot of old C/C++ code, and have never come across anything like it.

DavidBurkett avatar Aug 23 '19 05:08 DavidBurkett

My educated guess is that he either didn't know or he was aware of the limitations of ASLR back then and decided to "roll-his-own".

Even today when the entire base system in Windows 10 uses ASLR, image randomization on Windows is per-boot, not per-process. This means that attackers can guess the location of code pretty reliably. The stack itself is randomized per-process though.

ASLR was indeed available (w/ the release of Windows Vista in 2007): https://docs.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization?view=vs-2019

Forgot to add some relevant references: https://github.com/bitcoin/bitcoin/issues/1130 https://github.com/bitcoin/bitcoin/issues/1603

marsmensch avatar Aug 30 '19 07:08 marsmensch
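A minimal roll-your-own stack shift of the kind the question asks about, added here as an illustration and not the Bitcoin code: it pads the stack by a random number of bytes before entering a thread function, so the function's frames (and any fixed-size buffer in them) land at a different address on each run. It also makes the weakness plain: the shift is bounded to a few KiB, so it adds only about 12 bits of entropy and does nothing for code or heap addresses, which is what OS ASLR covers. Assumptions for this example: Linux/glibc for getrandom(2), and all names (run_with_shifted_stack, MAX_STACK_SHIFT, measured_frame_shift) are constructed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/random.h>   /* getrandom(2): Linux/glibc, assumed available */

typedef void *(*thread_fn)(void *arg);

enum { MAX_STACK_SHIFT = 4096 };   /* bound on the padding: at most one page */

/* Consumes `shift` bytes of stack (rounded up by the compiler) before calling
 * fn, so every frame fn creates lands lower than it would on an unshifted run.
 * The volatile function pointer keeps fn from being inlined into this frame. */
void *run_with_shifted_stack(thread_fn fn, void *arg, size_t shift)
{
    volatile char pad[shift ? shift : 1];   /* C99 VLA; size must be non-zero */
    pad[0] = 0;                              /* touch it so it is not optimised away */
    thread_fn volatile indirect = fn;
    return indirect(arg);
}

/* Draws the shift from the kernel CSPRNG; on failure runs unshifted rather
 * than substituting a predictable source such as rand(). */
size_t random_stack_shift(void)
{
    uint32_t r;
    if (getrandom(&r, sizeof r, 0) != (ssize_t)sizeof r)
        return 0;
    return r % MAX_STACK_SHIFT;
}

/* The wrapper a thread entry point would be registered through. */
void *run_with_random_stack(thread_fn fn, void *arg)
{
    return run_with_shifted_stack(fn, arg, random_stack_shift());
}

/* Thread-function stand-in: records where one of its locals ended up. */
static void *record_frame_address(void *arg)
{
    volatile char probe = 0;
    *(uintptr_t *)arg = (uintptr_t)&probe;
    return arg;
}

/* Returns how many bytes lower the callee's frame lands with `shift` bytes of
 * padding than with none (the stack grows downward on mainstream targets). */
size_t measured_frame_shift(size_t shift)
{
    uintptr_t unshifted = 0, shifted = 0;
    run_with_shifted_stack(record_frame_address, &unshifted, 0);
    run_with_shifted_stack(record_frame_address, &shifted, shift);
    return shifted < unshifted ? (size_t)(unshifted - shifted) : 0;
}
```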

Ok

jaysonmald35 avatar Sep 06 '21 00:09 jaysonmald35