Mayhem heads up

From: Reini Urban
Date: June 28, 2013 12:52
Subject: Mayhem heads up
Message ID: CAHiT=DEOkESERd0D26-6Y3yPLcT0KUB_D4yuK5nSOT+CQ4cg+g@mail.gmail.com

See http://lists.debian.org/debian-devel/2013/06/msg00720.html

Those perl packages are currently affected:
eperl, perl-byacc, perl5i
See http://forallsecure.com/reports/dd-list.txt

This is not really impressive, compared to the number of found asan bugs.

But the mayhem paper at
http://users.ece.cmu.edu/~arebert/papers/mayhem-oakland-12.pdf says:
In this paper we present MAYHEM, a new system for automatically finding
exploitable bugs in binary (i.e., executable) programs. Every bug
reported by MAYHEM is accompanied by a working shell-spawning exploit.
The working exploits ensure soundness and that each bug report is
security critical and actionable....

Most found bugs are stack overflows and format strings exploitations.
Looks like a better valgrind/memcheck to me, with the "advantage" to
create reproducers.
--
Reini Urban
http://cpanel.net/   http://www.perl-compiler.org/
