Skip to content

Instantly share code, notes, and snippets.

Daniel Micay thestinger

Block or report user

Report or block thestinger

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View cfi.c
#include <stdarg.h>
#include <stdio.h>
void foo(unsigned n, ...) {
va_list args;
va_start(args, n);
for (unsigned i = 0; i < n; i++) {
printf("%d\n", va_arg(args, int));
}
va_end(args);
View tidy.txt
/home/strcat/projects/hardened_malloc/chacha.c:49:14: warning: 5 is a magic number; consider replacing it with a named constant [readability-magic-numbers]
x->input[5] = U8TO32_LITTLE(k + 4);
^
/home/strcat/projects/hardened_malloc/chacha.c:50:14: warning: 6 is a magic number; consider replacing it with a named constant [readability-magic-numbers]
x->input[6] = U8TO32_LITTLE(k + 8);
^
/home/strcat/projects/hardened_malloc/chacha.c:51:14: warning: 7 is a magic number; consider replacing it with a named constant [readability-magic-numbers]
x->input[7] = U8TO32_LITTLE(k + 12);
^
/home/strcat/projects/hardened_malloc/chacha.c:52:14: warning: 8 is a magic number; consider replacing it with a named constant [readability-magic-numbers]
View gist:22174e845019930a9f4bae5a02e4d57b
% adb shell /data/local/tmp/malloc_info | xmllint --format -
<?xml version="1.0"?>
<malloc version="jemalloc-1">
<heap nr="0">
<allocated-large>0</allocated-large>
<allocated-huge>0</allocated-huge>
<allocated-bins>21840</allocated-bins>
<bin nr="1">
<allocated>16</allocated>
<nmalloc>1</nmalloc>
View netd_maps.txt
5b6d4c0000-5b6d543000 r-xp 00000000 fd:00 433 /system/bin/netd
5b6d55b000-5b6d560000 r--p 0008b000 fd:00 433 /system/bin/netd
5b6d560000-5b6d561000 rw-p 00090000 fd:00 433 /system/bin/netd
5e731bf000-5e731c0000 ---p 00000000 00:00 0
5e731c0000-5e739bc000 rw-p 00000000 00:00 0
5e739bc000-5e739bd000 ---p 00000000 00:00 0
5e739bd000-5e741b9000 rw-p 00000000 00:00 0
5e741b9000-5e741ba000 ---p 00000000 00:00 0
5e741ba000-5e749b6000 rw-p 00000000 00:00 0
5e749b6000-5e74ab4000 r--p 00000000 00:10 20874 /dev/hwbinder
@thestinger
thestinger / Android_Q_Privacy.md
Last active May 12, 2019
Android Q privacy features in the context of the AndroidHardening / GrapheneOS work
View Android_Q_Privacy.md

Some of the privacy features that I developed in the past are now going to be standard Android features in the next major release. In some cases, the implementation that I worked on ended up being a direct inspiration for the upstream work. I also pushed them to enable permissions review by default, which may have had some influence on it finally shipping as enabled. It was seemingly implemented for some niche scenario and most of their privacy / security team didn't know about the feature existing when I talked to them about it in the past.

Most of my work has focused on improving security, and that focus will be somewhat increased in Android Q due to many of the privacy improvements being part of the baseline OS.

Android P had previously replaced some of the privacy features developed as part of the AndroidHardening project such as restricting access to the camera, microphone and sensors in the background.

Features that were not implemented by my past work:

View infinite.c
// clang -std=c99 -O2 foo.c && ./a.out
#include <stdio.h>
#include <stdbool.h>
__attribute__((noinline)) void foo(bool b) {
if (b) return; // remove this line and it will infinite loop
while (1) {}
}
View hardened.diff
--- results.md 2018-12-09 19:12:39.636689970 -0500
+++ hardened_results.md 2018-12-09 19:12:39.173350525 -0500
@@ -26,6 +26,7 @@
* CtsAppComponentFactoryTestCases - pass
* CtsAppSecurityHostTestCases - pass (flaky)
- very flaky: android.appsecurity.cts.EphemeralTest#testNormalStartEphemeral
+ - flaky: android.appsecurity.cts.ExternalStorageHostTest#testExternalStorageNone
- flaky: android.appsecurity.cts.InstantCookieHostTest#testCookieUpdateAndRetrieval
* CtsAppTestCases - pass
- flaky: android.app.cts.ExpandableListActivityTest#testSelect
View moto g(6) attestation
% openssl x509 -text -inform DER -in cert-0.der.x509
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: serialNumber = 9845ca479560815d
Validity
Not Before: Jan 1 00:00:00 1970 GMT
Not After : Dec 31 23:59:59 1969 GMT
View hardened offset 1
4194304 to 4194304: -7200768
4194304 to 0: 99639009072
0 to 0: -1392
0 to 16: 275158677248
16 to 16: 752
16 to 32: 262379326256
32 to 32: 576
32 to 48: 272964933248
48 to 48: -1152
48 to 64: 264260346080
View glibc offset 1
4194304 to 4194304: -4198400
4194304 to 0: -46050391177632
0 to 0: 32
0 to 16: 64
16 to 16: 32
16 to 32: 64
32 to 32: 48
32 to 48: 96
48 to 48: 64
48 to 64: 128
You can’t perform that action at this time.