Finding User/Kernel Pointer Bugs with Type Inference
12.06.2014 Views
Share Embed Flag

Finding User/Kernel Pointer Bugs with Type Inference

Finding User/Kernel Pointer Bugs with Type Inference

Finding User/Kernel Pointer Bugs with Type Inference

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
cs.stonybrook.edu

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Example: <strong>User</strong>/<strong>Kernel</strong> <strong>Pointer</strong> <strong>Bugs</strong><br />

void memset (void * buf,<br />

int c, int len);<br />

void dev_ioctl (void * p)<br />

{<br />

memset(p, 0, 10);<br />

}<br />

Problem: What if p is NULL?<br />

In general, attacker may be able to<br />

Crash kernel<br />

Gain root privileges<br />

Read secret data from kernel buffers<br />

<strong>Finding</strong> <strong>User</strong>/<strong>Kernel</strong> <strong>Pointer</strong> <strong>Bugs</strong> <strong>with</strong> <strong>Type</strong> <strong>Inference</strong> – p.3

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!