Fix problems due to multiple matches in filename filters #1083

Merged
merged 8 commits into from
Apr 23, 2024

ValekoZ (Collaborator) commented Apr 12, 2024

Expected behavior

  • Find the main_arena even if there is "libc" in the path of files that aren't libc.
  • Warn the user when there are multiple matches when using $_base("xxx")
  • Search for "xxx" in the filename instead of the entire path when possible when using $_base("xxx")

Current behavior

```
(remote) gef➤  vmmap
[ Legend:  Code | Heap | Stack ]
Start              End                Offset             Perm Path
0x000061077d582000 0x000061077d583000 0x0000000000001000 r-- /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x000061077d583000 0x000061077d584000 0x0000000000001000 r-x /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x000061077d584000 0x000061077d585000 0x0000000000001000 r-- /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x000061077d585000 0x000061077d586000 0x0000000000001000 r-- /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x000061077d586000 0x000061077d587000 0x0000000000001000 rw- /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x000061077d587000 0x000061077d589000 0x0000000000002000 rw- /home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc
0x0000715ebf600000 0x0000715ebf628000 0x0000000000028000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/libc.so.6
0x0000715ebf628000 0x0000715ebf7b0000 0x0000000000188000 r-x /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/libc.so.6
0x0000715ebf7b0000 0x0000715ebf7ff000 0x000000000004f000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/libc.so.6
0x0000715ebf7ff000 0x0000715ebf803000 0x0000000000004000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/libc.so.6
0x0000715ebf803000 0x0000715ebf805000 0x0000000000002000 rw- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/libc.so.6
0x0000715ebf805000 0x0000715ebf812000 0x000000000000d000 rw-
0x0000715ebf8fa000 0x0000715ebf8ff000 0x0000000000005000 rw-
0x0000715ebf8ff000 0x0000715ebf900000 0x0000000000001000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/ld-linux-x86-64.so.2
0x0000715ebf900000 0x0000715ebf92b000 0x000000000002b000 r-x /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/ld-linux-x86-64.so.2
0x0000715ebf92b000 0x0000715ebf935000 0x000000000000a000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/ld-linux-x86-64.so.2
0x0000715ebf935000 0x0000715ebf937000 0x0000000000002000 r-- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/ld-linux-x86-64.so.2
0x0000715ebf937000 0x0000715ebf939000 0x0000000000002000 rw- /home/user/.cache/.pwntools-cache-3.11/libcdb_libs/8f2af70b7deed50338b9186c7dd60cef3826e18f/ld-linux-x86-64.so.2
0x00007fffda699000 0x00007fffda6ba000 0x0000000000021000 rw- [stack]
0x00007fffda711000 0x00007fffda715000 0x0000000000004000 r-- [vvar]
0x00007fffda715000 0x00007fffda717000 0x0000000000002000 r-x [vdso]
(remote) gef➤  print $_base("libc")
$1 = 0x61077d582000
(remote) gef➤  heap chunks
[!] Invalid arena
```

- Search for name in filename instead of entire path when possible
- Warn the user when there are multiple matches
- Search for `libc` in filename instead of entire path
- If multiple matches, bf in every match instead of only the first one
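
The lookup problem from the session above, as an added example that is not GEF's code: it compares a first-match-on-full-path lookup with a filename-first lookup that reports ambiguity. The names `first_path_match`, `candidates`, `resolve` and `SECTIONS` are hypothetical, the rows are constructed from the `vmmap` output in the description, and returning the first candidate when several match is an assumption.

```python
import os

# Constructed input: (start, path) rows copied from the vmmap output above
# (two mappings per file, one anonymous mapping, and the stack).
CACHE = ("/home/user/.cache/.pwntools-cache-3.11/libcdb_libs/"
         "8f2af70b7deed50338b9186c7dd60cef3826e18f")
BINARY = "/home/user/ctf-fcsc/file-checker-src/public/file-checker_remotelibc"
SECTIONS = [
    (0x000061077d582000, BINARY),
    (0x000061077d583000, BINARY),
    (0x0000715ebf600000, CACHE + "/libc.so.6"),
    (0x0000715ebf628000, CACHE + "/libc.so.6"),
    (0x0000715ebf805000, ""),
    (0x0000715ebf8ff000, CACHE + "/ld-linux-x86-64.so.2"),
    (0x0000715ebf900000, CACHE + "/ld-linux-x86-64.so.2"),
    (0x00007fffda699000, "[stack]"),
]


def first_path_match(name, sections):
    """Behaviour seen in the session: first mapping whose full path contains name."""
    return next((start for start, path in sections if name in path), None)


def candidates(name, sections, key=os.path.basename):
    """Lowest mapped address of every file whose key(path) contains name."""
    bases = {}
    for start, path in sections:
        if path and name in key(path):
            bases[path] = min(start, bases.get(path, start))
    return sorted((base, path) for path, base in bases.items())


def resolve(name, sections):
    """Return (base, warning): filename match first, whole path as fallback."""
    found = candidates(name, sections) or candidates(name, sections, key=str)
    if not found:
        return None, None
    warning = None
    if len(found) > 1:
        names = ", ".join(os.path.basename(p) for _, p in found)
        # Assumption: on ambiguity the first candidate is returned with a warning.
        warning = f"{name!r} matches {len(found)} files ({names}); using the first"
    return found[0][0], warning
```

With this input, `"libc"` stays ambiguous even by filename because the target binary is named `file-checker_remotelibc`, which is why the warning matters; a narrower query such as `"libc.so"` resolves to a single file.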

🤖 Coverage update for 97b69f7 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | 97b69f7 |
| Score | 71.5407% | 71.5598% (0.0191) |

hugsy (Owner) left a comment

A few minor things to change.

It would be nice to add a test to process_lookup_path to make sure it's behaving the expected way and check for no-regression.

Other than that, it should be good

@hugsy hugsy added this to the 2024.05 milestone Apr 14, 2024

ValekoZ (Collaborator, Author) commented Apr 14, 2024

> A few minor things to change.
>
> It would be nice to add a test to process_lookup_path to make sure it's behaving the expected way and check for no-regression.
>
> Other than that, it should be good

I will try to do this test during the week :)

🤖 Coverage update for b98eaca 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | b98eaca |
| Score | 71.5407% | 71.5407% (0) |

🤖 Coverage update for 3e591b8 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | 3e591b8 |
| Score | 71.564% | 71.564% (0) |

🤖 Coverage update for f606b58 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | f606b58 |
| Score | 71.564% | 71.564% (0) |

🤖 Coverage update for 760d41e 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | 760d41e |
| Score | 71.564% | 71.564% (0) |

@ValekoZ ValekoZ requested a review from hugsy April 20, 2024 16:32

hugsy (Owner) left a comment

some last touches


🤖 Coverage update for d411c6c 🟢

| | Old | New |
|---|---|---|
| Commit | 429a0e5 | d411c6c |
| Score | 71.6374% | 71.6374% (0) |

@ValekoZ ValekoZ requested a review from hugsy April 22, 2024 01:32
@hugsy hugsy merged commit 8031fda into hugsy:main Apr 23, 2024
6 checks passed