It was possible to craft a custom ELF executable that, when symbolicated, would cause the kernel to read from user-controlled addresses anywhere in memory. You could then fetch this memory via /proc/PID/stack. We fix this by making ELFImage hand out StringView rather than raw const char* for symbol names. In case a symbol offset is outside the ELF image, you get a null StringView. :^) Test: Kernel/elf-symbolication-kernel-read-exploit.cpp
#pragma once
#include <AK/String.h>
#include <AK/Vector.h>
// One kernel symbol record: an address paired with the symbol's name.
struct KSym {
    // Address associated with the symbol (32-bit).
    u32 address;
    // Raw C-string pointer; no length or ownership travels with it, so every
    // consumer trusts the pointee to be valid and NUL-terminated.
    // NOTE(review): presumably points into kernel-owned symbol storage filled
    // in by load_ksyms() — confirm before printing or copying it.
    const char* name;
};
// Looks up a kernel symbol by name and returns an address as a u32.
// NOTE(review): the value returned for an unknown name is not visible from
// this header — confirm callers can tell "not found" from a real address.
u32 address_for_kernel_symbol(const StringView& name);
// Maps an address to a kernel symbol record, returned by const pointer.
// NOTE(review): a miss is presumably reported as nullptr — callers should
// null-check the result before touching ->name; confirm in the implementation.
const KSym* ksymbolicate(u32 address);
// Loads the kernel symbol table.
// NOTE(review): presumably this is what sets ksyms_ready and the
// ksym_lowest_address / ksym_highest_address bounds — confirm.
void load_ksyms();
// NOTE(review): presumably true once the symbol table has been loaded, so
// symbol lookups should be gated on it — confirm against load_ksyms().
extern bool ksyms_ready;
// NOTE(review): presumably the lowest address covered by the loaded kernel
// symbols; usable as a lower bound when range-checking an address before
// symbolication — confirm whether the bound is inclusive.
extern u32 ksym_lowest_address;
// NOTE(review): presumably the highest address covered by the loaded kernel
// symbols; usable as an upper bound when range-checking an address before
// symbolication — confirm whether the bound is inclusive.
extern u32 ksym_highest_address;
// Dumps a backtrace. Takes no arguments and returns nothing.
// NOTE(review): the output destination, and whether the frames it walks are
// validated before being dereferenced, are not visible from this header.
void dump_backtrace();