ptrscan icon indicating copy to clipboard operation
ptrscan copied to clipboard

Published 20 hours ago verified publisher icon vykt

Verification fails due to

Open vykt opened this issue 1 month ago • 1 comments

Affected versions: v0.1.0+

Pointer chain verification fails because memory segments without backing files ('pathname' field in 'man 5 proc') derive their name from their starting address. Because of ASLR, across execution instances these names become invalid, leading to error in interpreting and verifying saved scans.

This bug was introduced in v0.1.0, which changed the names of backing files from '<NO_PATHNAME>' to their starting address, for regions which lack a backing file.

The solution is probably to treat such segments as belonging to the closest previous segment with a backing file. This approach will detect pointer chains where a pointer chain arrives to a segment that consistently follows some shared object.

vykt avatar May 17 '24 05:05 vykt