
Address space layout randomization

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Bluefoxicy (talk | contribs) at 02:01, 30 July 2004. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer science, address space layout randomization (ASLR) is a process which entails arranging the positions of major data areas randomly in virtual address space. This can include the base of the executable, libraries, heap, and stack. The chances of an attacker guessing where any of these randomly placed areas is is , where b is the number of bits of entropy used to determine the position of the data area. In many systems, can be in the thousands or millions; on modern 64-bit systems, these numbers typically reach the trillions, quadrillions, or quintillions (a 1 with 18 zeros after it).

Address space layout randomization was a concept used to exemplify a simple hindrance to certain classes of computer security attacks: it prevents targeted data, usually program code, from being placed at addresses easily determined by the attacker. Attackers trying to execute return-to-libc attacks could, for example, run the program they are attacking on their home computer to determine the layout of the program under normal, non-random circumstances.

Several security systems implement ASLR, notably PaX and Exec Shield on Linux.

W^X on OpenBSD implements Library Load Order Randomization, a less entropic form of ASLR that simply randomizes the order in which libraries are loaded at program load; notably, it does not randomize libraries loaded afterwards, such as plug-ins. This leaves some libraries at highly predictable positions. Furthermore, the chance of an attacker correctly guessing the location of any of the randomly ordered libraries is , where n is the number of libraries loaded.
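
The following is an added example, not part of the original article: a rough audit of how many address bits actually change between runs of a program, which approximates the b described above and exposes regions left at predictable positions. The `/proc/<pid>/maps` excerpts, the program name `/usr/bin/app` and the helper function names are constructed for illustration.

```python
import re

# Constructed /proc/<pid>/maps excerpts from three runs of a hypothetical
# program /usr/bin/app (sample data, not captured from a real system).
SNAPSHOTS = [
    """08048000-08050000 r-xp 00000000 03:01 1234 /usr/bin/app
b7d42000-b7e6a000 r-xp 00000000 03:01 5678 /lib/libc.so.6
bf9c3000-bf9d8000 rw-p 00000000 00:00 0 [stack]""",
    """08048000-08050000 r-xp 00000000 03:01 1234 /usr/bin/app
b7c1f000-b7d47000 r-xp 00000000 03:01 5678 /lib/libc.so.6
bfa51000-bfa66000 rw-p 00000000 00:00 0 [stack]""",
    """08048000-08050000 r-xp 00000000 03:01 1234 /usr/bin/app
b7e88000-b7fb0000 r-xp 00000000 03:01 5678 /lib/libc.so.6
bf8e6000-bf8fb000 rw-p 00000000 00:00 0 [stack]""",
]

# Fields: start-end perms offset dev inode [pathname]
MAPS_LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+\s+\S+\s+\S+\s+\S+\s+\S+\s*(.*)$")

def region_bases(maps_text):
    """Return {region name: lowest start address} for one maps snapshot."""
    bases = {}
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            start, name = int(m.group(1), 16), m.group(2) or "[anon]"
            bases[name] = min(start, bases.get(name, start))
    return bases

def varying_bits(addresses):
    """Count bit positions that differ from the first sample in any run."""
    mask = 0
    for addr in addresses[1:]:
        mask |= addresses[0] ^ addr
    return bin(mask).count("1")

def observed_entropy(snapshots):
    """Map region name -> number of base-address bits seen to change."""
    per_region = {}
    for snap in snapshots:
        for name, base in region_bases(snap).items():
            per_region.setdefault(name, []).append(base)
    return {name: varying_bits(addrs) for name, addrs in per_region.items()}

if __name__ == "__main__":
    for name, bits in observed_entropy(SNAPSHOTS).items():
        status = "PREDICTABLE" if bits == 0 else f"~{bits} bits observed"
        print(f"{name:20} {status}")
```

With only a few runs the count understates the real randomization, so collect many snapshots before drawing conclusions; a region that reports zero bits is loaded at the same address every time.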