MemLeak doesn't work for negative addresses #758

Closed
br0ns opened this issue Oct 7, 2016 · 2 comments

br0ns commented Oct 7, 2016

Leaking memory at a negative address with MemLeak always returns None because of the check at https://github.com/Gallopsled/pwntools/blob/dev/pwnlib/memleak.py#L156.

At first glance that check seems reasonable; negative addresses don't exist. But what if my information leak takes addresses relative to some offset like, say, the stack pointer?

I see two obvious solutions: 1) just remove the check or 2) add a flag to the MemLeak constructor where you can specify whether addresses are relative or absolute and then only enforce the check in case of absolute addresses.

Ps. I know that I was the one putting in the check in the first place. I now think that I was wrong.
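The second proposed solution, sketched as an added example that is not part of the original issue and is not pwntools code: `ToyMemLeak`, `sp_relative_leak`, `BUF` and `BASE` are hypothetical names, and the sample buffer is constructed. It models a byte-caching leak wrapper that rejects negative addresses unless it is told the addresses are relative.

```python
class ToyMemLeak:
    """Standalone model of a byte-caching leak wrapper (not pwntools code)."""

    def __init__(self, leak, relative=False):
        self.leak = leak            # callback: address -> bytes or None
        self.relative = relative    # True: addresses are signed offsets
        self.cache = {}             # address -> single byte value

    def _valid(self, addr):
        # Absolute addresses cannot be negative; relative offsets can.
        return self.relative or addr >= 0

    def byte(self, addr):
        """Return the byte at addr as an int, or None if it cannot be read."""
        if not self._valid(addr):
            return None
        if addr not in self.cache:
            data = self.leak(addr)
            if not data:
                return None
            # Cache everything the callback returned, one byte per address.
            for i, b in enumerate(data):
                self.cache[addr + i] = b
        return self.cache[addr]

    def read(self, addr, n):
        """Return n bytes starting at addr, or None if any byte is unreadable."""
        out = bytearray()
        for a in range(addr, addr + n):
            b = self.byte(a)
            if b is None:
                return None
            out.append(b)
        return bytes(out)


# Constructed sample: a 16-byte buffer read relative to index 8, standing in
# for a leak primitive whose addresses are relative to the stack pointer.
BUF = bytes(range(0x40, 0x50))
BASE = 8

def sp_relative_leak(offset):
    i = BASE + offset
    return BUF[i:i + 4] if 0 <= i < len(BUF) else None

absolute = ToyMemLeak(sp_relative_leak)                 # behaviour reported above
relative = ToyMemLeak(sp_relative_leak, relative=True)  # proposed solution 2
```

With the same callback, `absolute.read(-4, 4)` returns `None` without ever calling the leak, while `relative.read(-4, 4)` returns the four bytes below the base.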


zachriggle commented Oct 7, 2016

See #601 for why this was put in place. If you can make everything work while allowing negative values, sounds good to me. It hadn't ever occurred to me to use MemLeak for relative leaks before 😮

@zachriggle

Ping, added a Pull Request to fix this. I'd like @br0ns to review it.

zachriggle added a commit that referenced this issue Dec 29, 2016
* Enable leaking memory relatively with MemLeak

Fixes #758

* Add RelativeMemLeak alias for MemLeak(..., relative=True)

* Make codacy happy
@zachriggle zachriggle modified the milestones: 3.5.0, Someday Mar 4, 2017