mirror of https://github.com/RGBCube/serenity synced 2025-05-31 15:38:10 +00:00
serenity/Libraries/LibELF
Andreas Kling c6e552ac8f Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication
It was possible to craft a custom ELF executable that when symbolicated
would cause the kernel to read from user-controlled addresses anywhere
in memory. You could then fetch this memory via /proc/PID/stack.

We fix this by making ELFImage hand out StringView rather than raw
const char* for symbol names. In case a symbol offset is outside the
ELF image, you get a null StringView. :^)

Test: Kernel/elf-symbolication-kernel-read-exploit.cpp
2020-01-16 22:11:31 +01:00
Arch/i386 LibELF: Re-organize ELFDynamicObject::load and add PLT trampoline 2020-01-01 23:54:06 +01:00
ELFDynamicLoader.cpp LibELF: Map .text segment with MAP_ANONYMOUS for shared objects 2020-01-09 09:29:36 +01:00
ELFDynamicLoader.h LibELF: Map .text segment with MAP_ANONYMOUS for shared objects 2020-01-09 09:29:36 +01:00
ELFDynamicObject.cpp LibELF: Map .text segment with MAP_ANONYMOUS for shared objects 2020-01-09 09:29:36 +01:00
ELFDynamicObject.h LibELF: Map .text segment with MAP_ANONYMOUS for shared objects 2020-01-09 09:29:36 +01:00
ELFImage.cpp Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 2020-01-16 22:11:31 +01:00
ELFImage.h Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 2020-01-16 22:11:31 +01:00
ELFLoader.cpp Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 2020-01-16 22:11:31 +01:00
ELFLoader.h Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication 2020-01-16 22:11:31 +01:00
exec_elf.h LibELF: Add ELFDynamicObject to dynamically load libraries 2020-01-01 17:48:41 +01:00
Makefile Build: clean up build system, use one shared Makefile 2019-12-20 20:20:54 +01:00