
readmema and writemem handlers should check input address mapping

Open thorkill opened this issue 9 years ago • 0 comments

The vectors "readmema" and "writemem" will in certain conditions read or write to an invalid address, leading to a segmentation fault when in e2dbg. Other programs seem immune to this error, so only elfsh_get_raw_by_addr() seems to be affected.

Many commands seem to be affected by that bug, D, X, and write in particular.

In practice, for example:

The "write" command, when in debug mode, will not check if the address provided is really mapped. It will directly write to it. It's not straightforward to do that test, but I can think of 2 solutions:

  • look in the linkmap if the addr is part of a mapped object (but the stack and the heap are maybe not part of the linkmap ? to verify...)
  • handle the SIGSEGV and print "address not mapped" in the handler, so we could report the problem and continue the execution as if nothing had happened, obviously without doing the write.

Ticket: 87 Reported by: may on Fri Oct 31 20:43:04 2008

thorkill, Apr 24 '16 11:04
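An added check of the kind the first bullet proposes, written here as an example and not taken from ERESI: it consults /proc/self/maps rather than the link map, so stack and heap mappings are covered too, and it refuses a write to an unmapped or read-only range instead of faulting. The names range_is_mapped and safe_write are hypothetical, and the code assumes Linux.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <inttypes.h>

/* Return 1 if every byte of [addr, addr+len) is mapped in this process
 * (readable, and writable when need_write is set), 0 if some byte is not,
 * -1 if /proc/self/maps cannot be read.  Linux only; hypothetical helper,
 * not part of ERESI. */
int range_is_mapped(uintptr_t addr, size_t len, int need_write)
{
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return -1;

    uintptr_t cur = addr;          /* first byte not yet proven mapped */
    uintptr_t end = addr + len;
    char line[512];

    /* maps entries are sorted by address, so walk them and let 'cur'
     * advance through every entry that covers it; adjacent entries chain. */
    while (cur < end && fgets(line, sizeof line, f)) {
        uintptr_t lo, hi;
        char perms[5];
        if (sscanf(line, "%" SCNxPTR "-%" SCNxPTR " %4s", &lo, &hi, perms) != 3)
            continue;
        if (hi <= cur)
            continue;              /* entry lies entirely below 'cur' */
        if (lo > cur)
            break;                 /* gap before 'cur': unmapped */
        if (perms[0] != 'r' || (need_write && perms[1] != 'w'))
            break;                 /* mapped, but without the needed access */
        cur = hi;                  /* covered up to the end of this entry */
    }
    fclose(f);
    return cur >= end;
}

/* What a guarded writemem would do: refuse instead of faulting. */
int safe_write(void *dst, const void *src, size_t n)
{
    if (range_is_mapped((uintptr_t)dst, n, 1) != 1)
        return -1;                 /* caller reports "address not mapped" */
    memcpy(dst, src, n);
    return 0;
}
```

A range that crosses a guard page ("---p") or ends in a read-only segment is rejected, since each entry's permissions are checked as the walk advances.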