p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

leaking_addresses: add range check for vsyscall memory 

Currently script checks only first and last address in the vsyscall
memory range. We can do better than this. When checking for false
positives against $match, we can convert $match to a hexadecimal value
then check if it lies within the range of vsyscall addresses.

Check whole range of vsyscall addresses when checking for false
positive.

Signed-off-by: Tobin C. Harding <me@tobin.cc>
This commit is contained in:
Tobin C. Harding 2017-12-07 12:33:21 +11:00
parent 15d60a35b8
commit 87e3758856
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
scripts/leaking_addresses.pl
View File

@ -19,6 +19,7 @@ use Cwd 'abs_path';
use Term::ANSIColor qw(:constants);
use Getopt::Long qw(:config no_auto_abbrev);
use Config;
use bigint qw/hex/;
my $P = $0;
my $V = '0.01';
@ -195,17 +196,24 @@ sub is_false_positive
return 1;
}
if (is_x86_64()) {
# vsyscall memory region, we should probably check against a range here.
if ($match =~ '\bf{10}600000\b' or
$match =~ '\bf{10}601000\b') {
return 1;
}
if (is_x86_64() and is_in_vsyscall_memory_region($match)) {
return 1;
}
return 0;
}
sub is_in_vsyscall_memory_region
{
my ($match) = @_;
my $hex = hex($match);
my $region_min = hex("0xffffffffff600000");
my $region_max = hex("0xffffffffff601000");
return ($hex >= $region_min and $hex <= $region_max);
}
# True if argument potentially contains a kernel address.
sub may_leak_address
{