Andreas Kling c6e552ac8f Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication ... It was possible to craft a custom ELF executable that when symbolicated would cause the kernel to read from user-controlled addresses anywhere in memory. You could then fetch this memory via /proc/PID/stack We fix this by making ELFImage hand out StringView rather than raw const char* for symbol names. In case a symbol offset is outside the ELF image, you get a null StringView. :^) Test: Kernel/elf-symbolication-kernel-read-exploit.cpp		2020-01-16 22:11:31 +01:00
..
elf-symbolication-kernel-read-exploit.cpp	Kernel+LibELF: Don't blindly trust ELF symbol offsets in symbolication	2020-01-16 22:11:31 +01:00
mmap-write-into-running-programs-executable-file.cpp	Kernel: Validate PROT_READ and PROT_WRITE against underlying file	2020-01-07 19:32:32 +01:00
null-deref-close-during-select.cpp	Kernel: Ignore closed fd's when considering select() unblock	2020-01-09 12:36:42 +01:00
null-deref-crash-during-pthread_join.cpp	Kernel: Fix kernel null deref on process crash during join_thread()	2020-01-10 19:23:45 +01:00
uaf-close-while-blocked-in-read.cpp	Kernel: Make Process::file_description() vend a RefPtr<FileDescription>	2020-01-07 15:53:42 +01:00