Shadow bit #455
Conversation
This PR waits for ASan to be fixed.
so the ASan error I encountered is an x64 issue... this PR itself should be ok
can you test this on aarch64 please? @s1341
libafl_frida/src/alloc.rs (outdated)
// max(userspace address): this is usually 0x8_0000_0000_0000 - 1 on x64 Linux.
let mut userspace_max: usize = 0;
// List all occupied memory ranges
RangeDetails::enumerate_with_prot(PageProtection::Read, &mut |details| {
Can we assume that all relevant regions are READable?
no... 😄
I changed it to enumerate writable & executable regions
surely there is a better way than copy-pasting all that code?
do you mean using PageProtection::ReadWriteExecute instead?
but that does not work.
I need to enumerate Readable, Writable, and Executable one by one and put them into a single Vec
So maybe do a nested for instead of copying the code three times?
ah ok
awesome work. We'll merge once CI is green.
Commits:
* add
* debugging
* remove debug code
* fmt
* why
* writable or executable ranges
* for
* fmt
* fix
With this PR we try every possible shadow bit and make sure it is valid (by enumerating existing memory ranges and checking they don't collide).
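The shadow-bit search this PR describes, as an added example that is not libafl_frida's own code: the ranges collected per protection are coalesced into one Vec (the single-loop approach the review thread settles on), then every candidate bit is checked for collisions. The ASan-style layout shadow(addr) = (addr >> 3) + (1 << shadow_bit), the candidate range 3..=top bit, and the sample mappings are assumptions made for the example.

```rust
// Added example, not libafl_frida's own code: pick an ASan-style shadow bit by
// testing every candidate against the occupied address ranges.
// Assumed layout (as in ASan): shadow(addr) = (addr >> 3) + (1 << shadow_bit).

/// Half-open [start, end) address range, e.g. one mapping reported by Frida.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Range {
    pub start: usize,
    pub end: usize,
}

impl Range {
    fn overlaps(&self, other: &Range) -> bool {
        self.start < other.end && other.start < self.end
    }
}

/// Coalesce the ranges collected for each protection (Read, Write, Execute)
/// into one sorted, non-overlapping Vec; a mapping that is both readable and
/// writable shows up in more than one of the three enumerations.
pub fn merge_ranges(per_prot: &[Vec<Range>]) -> Vec<Range> {
    let mut all: Vec<Range> = per_prot.iter().flatten().copied().collect();
    all.sort_by_key(|r| r.start);
    let mut merged: Vec<Range> = Vec::new();
    for r in all {
        if let Some(last) = merged.last_mut() {
            if r.start <= last.end {
                last.end = last.end.max(r.end);
                continue;
            }
        }
        merged.push(r);
    }
    merged
}

/// Shadow region that covers every userspace address in [0, userspace_max].
pub fn shadow_region(shadow_bit: u32, userspace_max: usize) -> Range {
    let base = 1usize << shadow_bit;
    Range { start: base, end: base + (userspace_max >> 3) + 1 }
}

/// Try shadow bits from high to low; return the first whose shadow region is
/// itself addressable and does not collide with any occupied range.
pub fn find_shadow_bit(occupied: &[Range], userspace_max: usize) -> Option<u32> {
    // Highest bit set in userspace_max (46 for 0x7fff_ffff_ffff on x64 Linux).
    let top_bit = usize::BITS - 1 - userspace_max.leading_zeros();
    (3..=top_bit).rev().find(|&bit| {
        let shadow = shadow_region(bit, userspace_max);
        shadow.end - 1 <= userspace_max && !occupied.iter().any(|r| r.overlaps(&shadow))
    })
}
```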