So this is the problem:
INTEL mode:
   406bef:  48 8d 1c cd 00 00 00    lea rbx,[rcx*8+0x0]
   406bf6:  00

ATT mode (becomes this in kdbg):
   406bef:  48 8d 1c cd 00 00 00    lea 0x0(,%rcx,8),%rbx
   406bf6:  00

Merged with the "C" source in kdbg:
   node = (GLMnode*)malloc(sizeof(GLMnode));
       0x406bea  mov $0x10,%edi
   node->index = i;
       0x406c14  mov %r12d,(%rax)
So I did this:
cvs -z 9 -d :pserver:anoncvs@sourceware.org:/cvs/src co binutils
It is part of my compulsive need to understand when an error happens, and it goes clear down to the transfer of electrons between gates if that is what it takes :) There are glibc and objdump issues with x86_64, and this link at sandpile.org describes the SIB + 32-bit offset addressing form.
The issue is that even though the core process is checked, the secondary effects of an interdependent change can tip the whole process and end up with unexpected sh*t that can be an exploit.
I will update this post with what I find out, but I am assuming disasm.c or some such has a bad case count of bytes and it cascades clear into glibc, possibly in the SIGSEGV unwind handling. It ends up looking like a malloc(x) issue when it shouldn't, AFAIK.
SOLUTION: There were no problems with glibc, libopcodes, objdump, gcc, or kdbg. The issues arose from a dual context issue that could not be resolved, and so the faults are being reported properly. The way the code is displayed when merged with source is very confusing, as the compiler does not generate code in the order it is written in "C", but that is an optimization effect. Most of the problem stemmed from my confusion when I mixed "C" source and asm. The fact that it seemed to split an instruction at a zero, which is not going to be pretty on Intel, is what made me assume there was a flaw. I wish they had chosen -zero- as nop instead of 90h = 0x90. What were they thinking?
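A worked example, added here and not code from the original post, of why the listing above is correct and the split is cosmetic: the lea is eight bytes long (REX.W, opcode, ModRM, SIB and a 32-bit displacement), objdump prints at most seven opcode bytes per line for x86, so the eighth byte lands on a continuation line at 406bf6, and kdbg shows the same wrap. The code decodes the ModRM/SIB form by hand to recover the instruction length, folds objdump continuation lines back into their instruction, and checks that every listed byte is accounted for, so that a stray-looking `00` is not read as a separate instruction or a bad byte count. The sample listing is constructed from the post's addresses and bytes; the `mov edi,0x10` at 0x406bea is encoded here from the post's `mov $0x10,%edi`, and the trailing `nop` is an assumption used only to make the sample contiguous.

```python
import re

# Added example, not code from the original post: decode the REX/ModRM/SIB
# encoding of the 'lea' in the listing to confirm it is 8 bytes long, and fold
# objdump's wrapped continuation lines back into the instruction they belong to.

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
         "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi",
         "r8d", "r9d", "r10d", "r11d", "r12d", "r13d", "r14d", "r15d"]


def decode_lea(code):
    """Decode one 'lea' (opcode 0x8d) with an optional REX prefix.

    Returns (length_in_bytes, intel_syntax_text).  Handles the 64-bit-mode
    ModRM/SIB forms: REX-extended registers, SIB, disp8/disp32, the no-base
    "[index*scale+disp32]" form and RIP-relative.  Segment and address-size
    prefixes are not handled.
    """
    i = 0
    rex_w = rex_r = rex_x = rex_b = 0
    if 0x40 <= code[i] <= 0x4F:                       # REX prefix: 0100 W R X B
        rex = code[i]
        rex_w, rex_r, rex_x, rex_b = (rex >> 3) & 1, (rex >> 2) & 1, (rex >> 1) & 1, rex & 1
        i += 1
    if code[i] != 0x8D:
        raise ValueError("not a lea opcode")
    i += 1
    modrm = code[i]
    i += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 3:
        raise ValueError("lea requires a memory operand")
    dest = (REG64 if rex_w else REG32)[reg | (rex_r << 3)]

    base = index = None
    scale = 1
    disp_size = {0: 0, 1: 1, 2: 4}[mod]
    if rm == 4:                                       # rm=100: a SIB byte follows
        sib = code[i]
        i += 1
        scale = 1 << (sib >> 6)
        idx = ((sib >> 3) & 7) | (rex_x << 3)
        if idx != 4:                                  # index=100 without REX.X means "no index"
            index = REG64[idx]
        if (sib & 7) == 5 and mod == 0:               # base=101 with mod=00: no base, disp32 only
            disp_size = 4
        else:
            base = REG64[(sib & 7) | (rex_b << 3)]
    elif rm == 5 and mod == 0:                        # rm=101 with mod=00: RIP-relative disp32
        base = "rip"
        disp_size = 4
    else:
        base = REG64[rm | (rex_b << 3)]
    disp = int.from_bytes(code[i:i + disp_size], "little", signed=True) if disp_size else 0
    i += disp_size

    # Render the operand the way objdump -M intel does: base, index*scale, displacement.
    mem = base or ""
    if index:
        mem += ("+" if mem else "") + f"{index}*{scale}"
    if disp_size or not mem:
        sign = "-" if disp < 0 else ("+" if mem else "")
        mem += f"{sign}0x{abs(disp):x}"
    return i, f"lea {dest},[{mem}]"


# Constructed objdump -M intel listing built from the addresses and bytes in the
# post.  The mov at 0x406bea is encoded here from the post's "mov $0x10,%edi"
# (bf imm32); the nop at 0x406bf7 is an assumption to keep the sample contiguous.
LISTING = (
    "  406bea:\tbf 10 00 00 00       \tmov    edi,0x10\n"
    "  406bef:\t48 8d 1c cd 00 00 00 \tlea    rbx,[rcx*8+0x0]\n"
    "  406bf6:\t00 \n"
    "  406bf7:\t90                   \tnop\n"
)

LINE_RE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s+)+)(.*)$")


def parse_objdump(text):
    """Return [(address, bytes, mnemonic_text)] for an objdump -d listing.

    objdump prints at most 7 opcode bytes per line on x86; the remaining bytes
    of a longer instruction appear on a following line that has an address and
    bytes but no mnemonic.  Such a line is appended to the previous instruction.
    """
    insns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        addr, raw, mnem = int(m.group(1), 16), bytes.fromhex(m.group(2)), m.group(3).strip()
        if insns and not mnem and insns[-1][0] + len(insns[-1][1]) == addr:
            insns[-1][1] += raw                       # continuation of the previous instruction
        else:
            insns.append([addr, raw, mnem])
    return [tuple(x) for x in insns]


def gaps(insns):
    """Addresses whose instruction byte count does not reach the next listed
    address.  An empty result means every listed byte is accounted for, i.e.
    the wrapped '00' is the 8th byte of the lea, not a separate instruction."""
    return [a for (a, b, _), (nxt, _, _) in zip(insns, insns[1:]) if a + len(b) != nxt]


if __name__ == "__main__":
    insns = parse_objdump(LISTING)
    for addr, raw, mnem in insns:
        print(f"{addr:x}: {raw.hex(' '):24} {mnem}")
    length, text = decode_lea(insns[1][1])
    print(f"decoded: {text}, {length} bytes -> next instruction at {insns[1][0] + length:x}")
    print("gaps:", gaps(insns))
```

Run it and the lea decodes to `lea rbx,[rcx*8+0x0]` with a length of 8, so 0x406bef + 8 = 0x406bf7 is the next instruction and `gaps()` comes back empty. The same two checks (decode the bytes yourself, confirm the address arithmetic closes) are what to reach for before concluding that a disassembler or the C library is at fault.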
Overall, the people who handle the core of Linux must be some very talented people, as the code there is as close to gospel as one could ask for in such a complex environment. Considering that the code that has made Microsoft trillions of dollars is virtually crap in comparison is always going to make me wonder how that happened the way it did. Linus has done the world a great service. Somebody should put him up for a Nobel prize of some kind.