[PATCH 3/5] leaking_addresses: add range check for vsyscall memory
From: Tobin C. Harding
Date: Wed Dec 06 2017 - 23:33:26 EST
Currently script checks only first and last address in the vsyscall
memory range. We can do better than this.
When checking for false positives against $match, convert $match to
a hexadecimal value then check if it lies within the range of vsyscall
addresses.
Signed-off-by: Tobin C. Harding <me@xxxxxxxx>
---
scripts/leaking_addresses.pl | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
index 066c609b1adb..cb69ccd4153a 100755
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -20,6 +20,7 @@ use Cwd 'abs_path';
use Term::ANSIColor qw(:constants);
use Getopt::Long qw(:config no_auto_abbrev);
use Config;
+use bigint qw/hex/;
my $P = $0;
my $V = '0.01';
@@ -196,17 +197,24 @@ sub is_false_positive
return 1;
}
- if (is_x86_64()) {
- # vsyscall memory region, we should probably check against a range here.
- if ($match =~ '\bf{10}600000\b' or
- $match =~ '\bf{10}601000\b') {
- return 1;
- }
+ if (is_x86_64() and is_in_vsyscall_memory_region($match)) {
+ return 1;
}
return 0;
}
+sub is_in_vsyscall_memory_region
+{
+ my ($match) = @_;
+
+ my $hex = hex($match);
+ my $region_min = hex("0xffffffffff600000");
+ my $region_max = hex("0xffffffffff601000");
+
+ return ($hex >= $region_min and $hex <= $region_max);
+}
+
# True if argument potentially contains a kernel address.
sub may_leak_address
{
--
2.7.4