Created
August 22, 2018 02:02
-
-
Save Shnatsel/d00ca9a1080676897f08b81e461a1abe to your computer and use it in GitHub Desktop.
Patch for libdislocate so that it clobbers every buffer allocated with malloc() with a different value. This allows checking for memory disclosure vulnerabilities in arbitrary code simply by running the operation to check twice and comparing the output.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- libdislocator.so.c.pristine 2018-08-22 04:43:10.970904951 +0300 | |
| +++ libdislocator.so.c 2018-08-22 04:46:06.028396381 +0300 | |
| @@ -64,7 +64,7 @@ | |
| /* Canary & clobber bytes: */ | |
| #define ALLOC_CANARY 0xAACCAACC | |
| -#define ALLOC_CLOBBER 0xCC | |
| +int alloc_clobber_counter = 0; | |
| #define PTR_C(_p) (((u32*)(_p))[-1]) | |
| #define PTR_L(_p) (((u32*)(_p))[-2]) | |
| @@ -187,7 +187,7 @@ | |
| DEBUGF("malloc(%zu) = %p [%zu total]", len, ret, total_mem); | |
| - if (ret && len) memset(ret, ALLOC_CLOBBER, len); | |
| + if (ret && len) memset(ret, alloc_clobber_counter++, len); | |
| return ret; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment