OPTIMIZED FUZZING IOKIT IN IOS
19.09.2015 Views
Share Embed Flag

OPTIMIZED FUZZING IOKIT IN IOS

us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS

us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
  • No tags were found...
cererdlong

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Experimental Results(IV)<br />

Vulnerability Case 2<br />

• <strong>IOS</strong>ervice::newUserClient<br />

IOReturn <strong>IOS</strong>ervice::newUserClient( task_t owningTask, void * securityID,<br />

UInt32 type, OSDictionary * properties,<br />

IOUserClient ** handler )<br />

{<br />

…<br />

temp = getProperty(gIOUserClientClassKey);<br />

if (temp) {<br />

if (OSDynamicCast(OSSymbol, temp))<br />

userClientClass = (const OSSymbol *) temp;<br />

….<br />

}<br />

….<br />

temp = OSMetaClass::allocClassWithName(userClientClass);<br />

if (!temp)<br />

return kIOReturnNoMemory;<br />

if (OSDynamicCast(IOUserClient, temp))<br />

client = (IOUserClient *) temp;<br />

….<br />

}<br />

….<br />

}

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!