Update FunctionIntOverFlow.c

Author: rhaym-tech

Exploits/FunctionIntOverFlow.c

@@ -3,6 +3,26 @@
 #include <stdio.h>
 #include <unistd.h>
 
+/*
+*  Brief: Integer overflow in CoreAnimation, CVE-2018-4415
+ *  Usage:
+ *    1. clang FunctionIntOverFlow.c -o function_over_flow
+ *    2. ./function_over_flow
+ *
+ *  Specifically, `CA::Render::InterpolatedFunction::allocate_storage` function in QuartzCore does
+ *  not do any check for integer overflow in expression |result = (char *)malloc(4 * (v4 + v3));|.
+ *
+ *  The bug has been fixed in macOS 10.14.1 and iOS 12.1, since the interfaces and structure of
+ *  messages are inconsistent between different versions, this PoC may only work on macOS 10.14 and
+ *  iOS 12.0, but it's very easy to replant it to another versions.
+ *
+ *  Tips for debugging on macOS: Turn Mac to sleep mode and ssh to the target machine, this may
+ *  help you concentrate on your work.
+ *
+ *  One more: Mach service com.apple.CARenderServer is reacheable from Safari sandbox on both macOS
+ *  and iOS. com.apple.windowserver.active accurately on macOS versions prior to macOS 10.14.
+ */
+
 static void do_int_overflow() {
 
     mach_port_t p = MACH_PORT_NULL, bs_port = MACH_PORT_NULL;