LuLu crashes for processes using non-UTF8 arguments #305
Comments
objective-see
added a commit
that referenced
this issue
Jan 19, 2021
improved process arg parsing (#305)
|
Thanks! Good catch 😅 |
objective-see
added a commit
that referenced
this issue
Jan 19, 2021
improved process arg parsing (#305)
|
fixed release v2.3.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Process arguments on macOS do not have a defined or enforced encoding. UTF8 is common, but nothing prevents a process from using something non-UTF8.
LuLu (and I suspect some other Objective-See tools too) assumes arguments are UTF8:
LuLu/LuLu/Extension/Process.m
Lines 474 to 478 in aafab24
When a C string which is not valid UTF8 is used,
-[NSString stringWithUTF8String:]returnsnil. When attempting to add anilobject to anNSMutableArray, it throws an exception. This exception is not caught, which means the network extension crashes.After the network extension crashes, internet access is unfiltered for a short time while it restarts. This makes it possible for malware to bypass LuLu by making it crash and then quickly accessing the network.
I recommend fixing this by either ignoring arguments that are invalid UTF8, or using
NSDatafor storing arguments.The text was updated successfully, but these errors were encountered: