Comments (4)
Doesn't the additional mprotect page already do this?
from libdiffuzz.
I guess that's also missing for calloc.
from libdiffuzz.
Additional mprotect page makes the program crash, which sort of works, but muddles the picture because you can't tell if it was an out-of-bounds write or an information leak.
I find that tools tools complementary to each other work best, and the more approaches you have in your toolbox, the better. The mprotect page is not terribly useful because libdislocator and Address Sanitizer already detect the exact same thing, so I'm trying to do something complementary here.
In my use case I had a program crash under libdislocator (with mprotect page), and wanted to run it through a different tool to determine whether this is an actually exploitable out-of-bounds read. ASAN would also report the error regardless. So I've tweaked libdiffuzz to allocate extra space at the end and clobber it, which is an approach orthogonal to existing tools, and that gave me the answer I was looking for.
Good point about calloc
!
from libdiffuzz.
#4 has added an option to detect OOB reads that come after the allocated buffer. It is toggled by an environment variable. OOB reads from before the allocated buffer are not yet detected.
from libdiffuzz.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libdiffuzz.