miércoles, 31 de mayo de 2023

C++ Std::Condition_Variable Null Pointer Derreference


This story is about a bug generated by g++ and clang compilers (at least)
The condition_variables is a feature on the standard library of c++ (libstdc++), when its compiled statically a weird asm code is generated.


Any example on the link below will crash if its compiled statically:
 https://en.cppreference.com/w/cpp/thread/condition_variable



In this case the condition_variable.wait() crashed, but this happens with other methods, a simple way to trigger it:




If this program is compiled dynamically the crash doesn't occur:

Looking the dissasembly there is a surprise created by the compiler:


Compilers:
    g++  9.2.1+20200130-2
    clang++ v9

Both compilers are generating the "call 0x00"

If we check this call in a dynamic compiled:




The implementation of condition_variable in github:
https://github.com/gcc-mirror/gcc/blob/b7c9bd36eaacac42631b882dc67a6f0db94de21c/libstdc%2B%2B-v3/include/std/condition_variable


The compilers can't copile well this code in static,  and same happens on  other condition_variable methods.
I would say the _lock is being assembled improperly in static, is not exacly a null pointer derreference but the effects are the same, executing code at address 0x00 which on linux is a crash on most of cases.

Related articles


  1. Hack Tools Mac
  2. Pentest Tools Nmap
  3. Hacks And Tools
  4. Hack Apps
  5. Top Pentest Tools
  6. Pentest Tools Alternative
  7. Growth Hacker Tools
  8. Hacking Tools For Pc
  9. Hackers Toolbox
  10. Hacker Search Tools
  11. Nsa Hacker Tools
  12. Hacking Tools Kit
  13. Computer Hacker
  14. Hacking Tools For Beginners
  15. Hacking Tools Kit
  16. Hacking Tools For Windows 7
  17. Hackers Toolbox
  18. Hacker Hardware Tools
  19. Hacks And Tools
  20. Hack Tools For Ubuntu
  21. Hack Tools 2019
  22. Pentest Tools Url Fuzzer
  23. Tools For Hacker
  24. How To Install Pentest Tools In Ubuntu
  25. Pentest Tools Online
  26. Pentest Tools Port Scanner
  27. Hacking Tools For Beginners
  28. Tools 4 Hack
  29. Pentest Tools Website Vulnerability
  30. What Is Hacking Tools
  31. Hacker Tool Kit
  32. Best Hacking Tools 2019
  33. Hack Tools
  34. Pentest Tools Android
  35. Hacking Tools Download
  36. Hacking Tools Mac
  37. Hacking Tools Windows 10
  38. Hacking Tools For Games
  39. Usb Pentest Tools
  40. World No 1 Hacker Software
  41. Pentest Box Tools Download
  42. Termux Hacking Tools 2019
  43. Install Pentest Tools Ubuntu
  44. Hacking Tools Download
  45. Ethical Hacker Tools
  46. Pentest Box Tools Download
  47. Hacker Tools Mac
  48. Hak5 Tools
  49. Tools For Hacker
  50. Hacking Tools Software
  51. New Hack Tools
  52. Github Hacking Tools
  53. Pentest Tools Bluekeep
  54. Hacker Tools For Ios
  55. Hacking Tools
  56. Pentest Tools Alternative
  57. Hacker Tools Software
  58. Hacking Tools For Windows Free Download
  59. Growth Hacker Tools
  60. Pentest Tools
  61. Hack Tools 2019
  62. Hacker Tools For Windows
  63. Hack Tools Online
Publicado por en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)