help-make

Re: Directly comparing two addresses from different memory regions (one


From: Kaz Kylheku
Subject: Re: Directly comparing two addresses from different memory regions (one is from the stack and another is from the heap) might be problematic
Date: Wed, 16 Aug 2023 00:09:33 -0700
User-agent: Roundcube Webmail/1.4.13

On 2023-08-15 08:14, TU Haoxin wrote:
> To make the address from the heap return as the same one from the stack, we 
> leverage some known heap exploitation techniques

That's very interesting and all from a research point of view,
but might you not be confusing GNU Make for a network application
that takes input from an untrusted user?

Can you elaborate on the real world scenario under which GNU
Make is attacked by a malicious user?

Remember, that the user who runs GNU Make is building a program
that they trust. The entire package contains all kinds of
code from the developer, which the user blindly executes.

If you trust my program and are building it, why would I choose
to attack you by way of exploiting something in your GNU Make
executable? You're voluntarily running code that I wrote, such
as my ./configure script, or the shell fragments that comprise
the recipes in my Makefile. I could put nasty things in the C
program being built.

GNU Make is a programming language, so we can ask the question:
what about Makefile programs that are perfectly trustworthy
themselves, but which are attacked by malicious data?

I don't suspect GNU Make is used in that general way, as an
application language for writing a program which is
itself trustworthy and trusted, but falls victim to malicious
data which, through that program, attacks GNU Make.

Or, do you know of some realistic example of this?


