donb is at it again,
but this time with a vulnerability which could very well prove exploitable.
Here is the article:
http://blog.securitymouse.com/2014/0...ploitable.html
The trick to this vulnerability is to get the 32-bit OS to allocate a memory block beyond address 0x80000000.
This situation never happened in my tests (even though I've got 4 GB of mem to play with).
As a result, it became a key assumption in the border checking algorithm.
It could be that this possibility is limited to some platforms.
The article states specifically that it is possible on some type of ARM processors, but I'm not totally convinced it is related to hardware.
It may be related to the OS instead.
Anyway, if it's not possible to trigger on PC, then it may be more difficult to debug it. On Smartphone Platforms typically, dedicated tools (SDK, cable set, etc.) may be required.
Anyway, since it's not exactly my world, I'm looking for some help in order to find some platform able to trigger that situation.
- 32-bit system & OS
- memory allocated beyond address 0x80000000
The main driver is, it's much better to complete a fix when it's also possible to test it....
A first fix is available, for testing, on the issue tracker:
https://code.google.com/p/lz4/issues/detail?id=134
Regards
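An added example, not part of the original post and not LZ4's code: a generic bounds check whose correctness depends on where the buffer sits in a 32-bit address space, next to a form that does not. Addresses are modelled as `uint32_t` so the behaviour can be exercised on any PC; the function names, the buffer addresses and the 31-bit cap on the length are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model: addresses are plain uint32_t values, so the
 * arithmetic wraps as on a 32-bit target even in a 64-bit build. */
typedef uint32_t addr32;

/* Wrap-prone form: op + len is computed first and is taken modulo 2^32. */
static int fits_naive(addr32 op, addr32 oend, uint32_t len)
{
    addr32 cpy = op + len;
    return cpy <= oend;
}

/* Wrap-free form: compare len with the room left (oend >= op always holds). */
static int fits_safe(addr32 op, addr32 oend, uint32_t len)
{
    return len <= oend - op;
}

/* 1 when the naive check accepts a copy that does not fit in the buffer. */
static int naive_accepts_overflow(addr32 base, uint32_t size, uint32_t len)
{
    addr32 oend = base + size;
    return fits_naive(base, oend, len) && !fits_safe(base, oend, len);
}

int main(void)
{
    /* Constructed values: 64 KiB buffer, length capped at 0x7FFFFFFF.
     * With that cap, base + len cannot wrap while base <= 0x80000000. */
    uint32_t size = 0x10000u, len = 0x7FFFFFFFu;

    printf("buffer at 0x7FFF0000: naive accepts bad copy = %d\n",
           naive_accepts_overflow(0x7FFF0000u, size, len));
    printf("buffer at 0x80010000: naive accepts bad copy = %d\n",
           naive_accepts_overflow(0x80010000u, size, len));
    return 0;
}
```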