mirrors/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-01-23 17:52:26 -05:00
Code Issues Projects Releases Packages Wiki Activity
ladybird/Tests/Kernel
History
Andreas Kling c6e552ac8f Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 
It was possible to craft a custom ELF executable that when symbolicated
would cause the kernel to read from user-controlled addresses anywhere
in memory. You could then fetch this memory via /proc/PID/stack

We fix this by making ELFImage hand out StringView rather than raw
const char* for symbol names. In case a symbol offset is outside the
ELF image, you get a null StringView. :^)

Test: Kernel/elf-symbolication-kernel-read-exploit.cpp
2020-01-16 22:11:31 +01:00
..
elf-symbolication-kernel-read-exploit.cpp Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 2020-01-16 22:11:31 +01:00
mmap-write-into-running-programs-executable-file.cpp Kernel: Validate PROT_READ and PROT_WRITE against underlying file 2020-01-07 19:32:32 +01:00
null-deref-close-during-select.cpp Kernel: Ignore closed fd's when considering select() unblock 2020-01-09 12:36:42 +01:00
null-deref-crash-during-pthread_join.cpp Kernel: Fix kernel null deref on process crash during join_thread() 2020-01-10 19:23:45 +01:00
uaf-close-while-blocked-in-read.cpp Kernel: Make Process::file_description() vend a RefPtr<FileDescription> 2020-01-07 15:53:42 +01:00