Commit 87e37588 authored by Tobin C. Harding's avatar Tobin C. Harding

leaking_addresses: add range check for vsyscall memory

Currently script checks only first and last address in the vsyscall
memory range. We can do better than this. When checking for false
positives against $match, we can convert $match to a hexadecimal value
then check if it lies within the range of vsyscall addresses.

Check whole range of vsyscall addresses when checking for false
positive.
Signed-off-by: default avatarTobin C. Harding <me@tobin.cc>
parent 15d60a35
...@@ -19,6 +19,7 @@ use Cwd 'abs_path'; ...@@ -19,6 +19,7 @@ use Cwd 'abs_path';
use Term::ANSIColor qw(:constants); use Term::ANSIColor qw(:constants);
use Getopt::Long qw(:config no_auto_abbrev); use Getopt::Long qw(:config no_auto_abbrev);
use Config; use Config;
use bigint qw/hex/;
my $P = $0; my $P = $0;
my $V = '0.01'; my $V = '0.01';
...@@ -195,17 +196,24 @@ sub is_false_positive ...@@ -195,17 +196,24 @@ sub is_false_positive
return 1; return 1;
} }
if (is_x86_64()) { if (is_x86_64() and is_in_vsyscall_memory_region($match)) {
# vsyscall memory region, we should probably check against a range here.
if ($match =~ '\bf{10}600000\b' or
$match =~ '\bf{10}601000\b') {
return 1; return 1;
} }
}
return 0; return 0;
} }
sub is_in_vsyscall_memory_region
{
my ($match) = @_;
my $hex = hex($match);
my $region_min = hex("0xffffffffff600000");
my $region_max = hex("0xffffffffff601000");
return ($hex >= $region_min and $hex <= $region_max);
}
# True if argument potentially contains a kernel address. # True if argument potentially contains a kernel address.
sub may_leak_address sub may_leak_address
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment