Date: Wed, 02 Nov 2016 16:10:30 +0000 From: Adam Sampson <ats@...og.org> To: kernel-hardening@...ts.openwall.com Subject: Re: Legitimate use of /proc/PID/mem,maps and smaps Marian Marinov <mm-l@...u.biz> writes: > Are there any other legitimate users of these files, maybe X? This is the kind of question that Debian Code Search is useful for (although it's not exhaustive): https://codesearch.debian.net/search?q=%2Fproc%2Fself%2Fmem&perpkg=1 https://codesearch.debian.net/search?q=%2Fproc%2Fself%2Fmaps&perpkg=1 https://codesearch.debian.net/search?q=%2Fproc%2Fself%2Fsmaps&perpkg=1 >From my bug-hunting experience, programs use /proc/self/maps for all sorts of weird things -- e.g. working out the full path of the executable, or what version of a shared library they've been linked against, or guessing whether some random value is a valid pointer. Many have embedded copies of code from gettext or BinReloc that uses it. On the other hand, many of these don't actually need all the information in /proc/self/maps, so you could get away with a simplified version that only had valid filenames. -- Adam Sampson <ats@...og.org> <http://offog.org/>
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.