Exemplos de addMemTainted em C++ (Cpp)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: salwanUseAfterFree.cpp Projeto: cl-wood/stubble

VOID WriteMem(UINT32 insAddr, std::string insDis, UINT32 opCount, REG reg_r, UINT32 memOp, UINT32 sp)
{
  list<UINT32>::iterator i;
  list<struct mallocArea>::iterator i2;
  UINT32 addr = memOp;
  
  if (opCount != 2)
    return;
  
  for(i2 = mallocAreaList.begin(); i2 != mallocAreaList.end(); i2++){
    if (addr >= i2->base && addr < (i2->base + i2->size) && i2->status == FREE){
      std::cout << std::hex << "[UAF in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;
      return;
    }
  }

  for(i = addressTainted.begin(); i != addressTainted.end(); i++){
      if (addr == *i){
        std::cout << std::hex << "[WRITE in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;
        if (!REG_valid(reg_r) || !checkAlreadyRegTainted(reg_r))
          removeMemTainted(addr);
        
        if (sp > addr && addr > 0x700000000000)
          std::cout << std::hex << "[UAF in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;

        return ;
      }
  }
  if (checkAlreadyRegTainted(reg_r)){
    std::cout << std::hex << "[WRITE in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;
    addMemTainted(addr);
  }
}

Exemplo n.º 2

0

Exibir arquivo

Arquivo: example3.cpp Projeto: cl-wood/stubble

VOID WriteMem(UINT64 insAddr, std::string insDis, UINT32 opCount, REG reg_r, UINT64 memOp)
{
  list<UINT64>::iterator i;
  UINT64 addr = memOp;

  if (opCount != 2)
    return;

  for(i = addressTainted.begin(); i != addressTainted.end(); i++){
      if (addr == *i){
        std::cout << std::hex << "[WRITE in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;
        if (!REG_valid(reg_r) || !checkAlreadyRegTainted(reg_r))
          removeMemTainted(addr);
        return ;
      }
  }
  if (checkAlreadyRegTainted(reg_r)){
    std::cout << std::hex << "[WRITE in " << addr << "]\t" << insAddr << ": " << insDis << std::endl;
    addMemTainted(addr);
  }
}

Exemplo n.º 3

0

Exibir arquivo

Arquivo: Example-2-Spread-the-taint-in-memory-and-registers.cpp Projeto: Debug-Orz/stuffz

VOID WriteMem(INS ins, UINT64 memOp)
{
  list<UINT64>::iterator i;
  UINT64 addr = memOp;
  REG reg_r;

  if (INS_OperandCount(ins) != 2)
    return;

  reg_r = INS_OperandReg(ins, 1);
  for(i = addressTainted.begin(); i != addressTainted.end(); i++){
      if (addr == *i){
        std::cout << std::hex << "[WRITE in " << addr << "]\t" << INS_Address(ins) << ": " << INS_Disassemble(ins) << std::endl;
        if (!REG_valid(reg_r) || !checkAlreadyRegTainted(reg_r))
          removeMemTainted(addr);
        return ;
      }
  }
  if (checkAlreadyRegTainted(reg_r)){
    std::cout << std::hex << "[WRITE in " << addr << "]\t" << INS_Address(ins) << ": " << INS_Disassemble(ins) << std::endl;
    addMemTainted(addr);
  }
}