[tor-bugs] #15138 [Tor Browser]: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 7 15:42:03 UTC 2015
#15138: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
--------------------------+------------------------------------------------
Reporter: tom | Owner: tom
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Browser | Keywords: tbb-security, TorBrowserTeam201504
Resolution: | Parent ID:
Actual Points: |
Points: |
--------------------------+------------------------------------------------
Comment (by cypherpunks):
> for /GS (Visual Studio-compiled) binaries
It's possible to use hex-string pattern, not long-term solution, but for
the same version of VS it should to generate the same opcodes if secure
cookies used for function.
Like for x86, it generates:
{{{
mov eax, ___security_cookie_at_xxxxxxxx
xor eax, ebp
mov [ebp+xx], eax
}}}
it is "A1 xx xx xx xx 33 C5 89 45 xx". Possible false positive results.
Kludgy, buggy, but possible.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15138#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list