Skip to content
Snippets Groups Projects
Commit 87e37588 authored by Tobin C. Harding's avatar Tobin C. Harding
Browse files

leaking_addresses: add range check for vsyscall memory


Currently script checks only first and last address in the vsyscall
memory range. We can do better than this. When checking for false
positives against $match, we can convert $match to a hexadecimal value
then check if it lies within the range of vsyscall addresses.

Check whole range of vsyscall addresses when checking for false
positive.

Signed-off-by: default avatarTobin C. Harding <me@tobin.cc>
parent 15d60a35
No related branches found
No related tags found
No related merge requests found
...@@ -19,6 +19,7 @@ use Cwd 'abs_path'; ...@@ -19,6 +19,7 @@ use Cwd 'abs_path';
use Term::ANSIColor qw(:constants); use Term::ANSIColor qw(:constants);
use Getopt::Long qw(:config no_auto_abbrev); use Getopt::Long qw(:config no_auto_abbrev);
use Config; use Config;
use bigint qw/hex/;
my $P = $0; my $P = $0;
my $V = '0.01'; my $V = '0.01';
...@@ -195,17 +196,24 @@ sub is_false_positive ...@@ -195,17 +196,24 @@ sub is_false_positive
return 1; return 1;
} }
if (is_x86_64()) { if (is_x86_64() and is_in_vsyscall_memory_region($match)) {
# vsyscall memory region, we should probably check against a range here.
if ($match =~ '\bf{10}600000\b' or
$match =~ '\bf{10}601000\b') {
return 1; return 1;
} }
}
return 0; return 0;
} }
sub is_in_vsyscall_memory_region
{
my ($match) = @_;
my $hex = hex($match);
my $region_min = hex("0xffffffffff600000");
my $region_max = hex("0xffffffffff601000");
return ($hex >= $region_min and $hex <= $region_max);
}
# True if argument potentially contains a kernel address. # True if argument potentially contains a kernel address.
sub may_leak_address sub may_leak_address
{ {
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment