Add kernelCTF CVE-2024-52925_mitigaiton #166
Conversation
koczkatamas
force-pushed
the
master
branch
3 times, most recently
from
933028d to
c111d81
Compare
koczkatamas
force-pushed
the
master
branch
13 times, most recently
from
76d6b57 to
bf0d68f
Compare
There was a problem hiding this comment.
Hey,
This is just a quick code quality review. We're planning to review the submissions more deeply (actually understanding what the exploit does) next week.
In general, the code quality looks good, no major concerns. I've left a few smaller comments here and please also apply the changes asked in the other PRs (#161, #162) here as well.
We also have a draft style guide now. Please take a look and let us know if it's helpful for understanding our code quality expectations: https://google.github.io/security-research/kernelctf/style_guide.
Thanks for the submission and PR!
| printf("using kernel base %llx\n", base); | ||
|
|
||
| kbase = base; | ||
| // i64 diff = 0xffffffff81000000 - base; |
There was a problem hiding this comment.
Please remove the commented out, unused code: https://google.github.io/security-research/kernelctf/style_guide#commented-out-code
|
|
||
| rop_chain((uint64_t*) buf); | ||
|
|
||
| spray_sendmsg(); |
There was a problem hiding this comment.
Are you calling this twice intentionally or by mistake? If the former, then can you comment here why? See more her: https://google.github.io/security-research/kernelctf/style_guide#explain-duplicated-lines
No description provided.