Null pointer caused by UAF in unicorn-1.0.3 #1578
Comments
Please try with "dev" branch
Unicorn Python package supports up to version 1.0.3. I also tried to use I also modified the

```python
# unicorn.py
# verify version compatibility with the core before doing anything
(major, minor, _combined) = uc_version()
'''
if major != uc.UC_API_MAJOR or minor != uc.UC_API_MINOR:
    self._uch = None
    # our binding version is different from the core's API version
    raise UcError(uc.UC_ERR_VERSION)
'''
```
I may know the cause of the problem.
When we use

```c
// uc.c uc_emu_start
if (uc->vm_start(uc)) {
    return UC_ERR_RESOURCE;
}
// emulation is done
uc->emulation_done = true;
// remove hooks to delete
clear_deleted_hooks(uc);
```

remove hooks to delete! However, our PoC is still in the first
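To make the cause described in that comment concrete, here is a small stand-alone C model (an added illustration, not unicorn's code) of a hook list whose entries can be flagged for deletion while a callback is still running; `engine_t`, `hook_t` and the `nesting` counter are hypothetical names. It shows the mitigation of deferring `clear_deleted_hooks` until the outermost `emu_start` returns, so a nested `emu_start` issued from inside a hook cannot free a node the outer walk still references.

```c
#include <stdbool.h>
#include <stdlib.h>
/* Hypothetical model of an engine with a hook list; not unicorn's code. */
typedef struct engine engine_t;
typedef struct hook {
    struct hook *next;
    bool to_delete;              /* flagged for removal, freed later */
    void (*cb)(engine_t *);
} hook_t;
struct engine {
    hook_t *hooks;
    int nesting;                 /* depth of active emu_start calls */
    int reentered, invoked, freed;
};
/* Frees flagged hooks; only safe when nobody is walking the list. */
static void clear_deleted_hooks(engine_t *uc) {
    for (hook_t **pp = &uc->hooks; *pp;) {
        hook_t *h = *pp;
        if (h->to_delete) { *pp = h->next; free(h); uc->freed++; }
        else pp = &h->next;
    }
}

/* Models uc_emu_start: walk the hooks, then clear deleted ones. Clearing
 * unconditionally here would be the use-after-free: a nested emu_start from
 * inside a callback would free the node the outer loop still dereferences. */
static void emu_start(engine_t *uc) {
    uc->nesting++;
    for (hook_t *h = uc->hooks; h; h = h->next)
        if (!h->to_delete) { uc->invoked++; h->cb(uc); }
    uc->nesting--;
    if (uc->nesting == 0) clear_deleted_hooks(uc);  /* defer to outermost call */
}

static void plain_cb(engine_t *uc) { (void)uc; }
/* Flags the head hook for deletion, then re-enters emu_start once. */
static void reentrant_cb(engine_t *uc) {
    uc->hooks->to_delete = true;
    if (!uc->reentered) { uc->reentered = 1; emu_start(uc); }
}
static int hook_count(const engine_t *uc) {
    int n = 0; for (const hook_t *h = uc->hooks; h; h = h->next) n++; return n;
}

/* Constructed scenario: head hook re-enters, second hook is plain. */
static engine_t *make_scenario(void) {
    engine_t *uc = calloc(1, sizeof *uc);
    hook_t *second = calloc(1, sizeof *second), *head = calloc(1, sizeof *head);
    second->cb = plain_cb; head->cb = reentrant_cb; head->next = second;
    uc->hooks = head;
    return uc;
}
```

After `emu_start(make_scenario())` the head hook is invoked once, the plain hook twice (once per nesting level), and the flagged head is freed only after the outer walk has finished.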
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 15 days.
Just FYI, this issue no longer seems to affect the 2.0.1 version. I tried to run the proof of concept code posted in the description, and apparently it does not produce a crash with the 2.0.1 version of unicorn. The 2nd invocation of the Python code using the 2.0.1 version of the package just displays an error message as expected without crashing.
Hello, :)
Unicorn-1.0.3 Python API
emu_start to the hook function (uc_hook_mem_read_unmapped). PoC is as follows:
segmentation fault
gdb debug