Cross DSO CFI - LLVM and Android
https://struct.github.io/cross_dso_cfi.html [struct.github.io]
2019-01-02 22:30
tags:
android
c
compiler
defense
security
Control Flow Integrity is an exploit mitigation that helps raise the cost of writing reliable exploits for memory safety vulnerabilities. There are various CFI schemes available today, and most are quite well documented and understood. One of the important areas where CFI can be improved is protecting indirect calls across DSO (Dynamic Shared Object) boundaries. This is a difficult problem to solve as only the library itself can validate call targets, and consumers of the library may be compiled and linked against the library long after it was built. This requires a low level ABI compatibility between the caller and the callee. The LLVM project has documented their design for this here. The remainder of this post looks at that design, its drawbacks, and then briefly explores how the Android PIE Bionic linker implements it.
Chrome Oilpan - Meta Data, Freelists and more
http://struct.github.io/oilpan_metadata.html [struct.github.io]
2017-04-15 00:34
tags:
browser
c
cxx
defense
garbage-collection
malloc
programming
security
PartitionAlloc is no longer used to allocate memory for DOM related C++ objects in Chrome. Instead a new garbage collected memory allocator, Oilpan, is used. Oilpan is a different design with its own tradeoffs that optimize for performance. But those tradeoffs can introduce opportunity for an exploit developer. This post is about some of those design decisions that resulted in a lack of exploit mitigations traditionally found in more mature memory allocators.