Friday, August 21, 2020

C++ Std::Condition_Variable Null Pointer Derreference


This story is about a bug generated by g++ and clang compilers (at least)
The condition_variables is a feature on the standard library of c++ (libstdc++), when its compiled statically a weird asm code is generated.


Any example on the link below will crash if its compiled statically:
 https://en.cppreference.com/w/cpp/thread/condition_variable



In this case the condition_variable.wait() crashed, but this happens with other methods, a simple way to trigger it:




If this program is compiled dynamically the crash doesn't occur:

Looking the dissasembly there is a surprise created by the compiler:


Compilers:
    g++  9.2.1+20200130-2
    clang++ v9

Both compilers are generating the "call 0x00"

If we check this call in a dynamic compiled:




The implementation of condition_variable in github:
https://github.com/gcc-mirror/gcc/blob/b7c9bd36eaacac42631b882dc67a6f0db94de21c/libstdc%2B%2B-v3/include/std/condition_variable


The compilers can't copile well this code in static,  and same happens on  other condition_variable methods.
I would say the _lock is being assembled improperly in static, is not exacly a null pointer derreference but the effects are the same, executing code at address 0x00 which on linux is a crash on most of cases.

Related posts


  1. Hacker Tools Apk
  2. How To Install Pentest Tools In Ubuntu
  3. Hacker Tools For Mac
  4. Hacking Tools Online
  5. Pentest Box Tools Download
  6. Hack Tools For Windows
  7. Hack Tools Online
  8. Hacker Tools Apk
  9. Pentest Tools Alternative
  10. Wifi Hacker Tools For Windows
  11. Pentest Tools Website
  12. Hack Apps
  13. Pentest Tools Apk
  14. Hacker Tools For Pc
  15. Hacking Tools Windows
  16. Hacker Tool Kit
  17. Growth Hacker Tools
  18. Hacking Tools Online
  19. Hacker Tools Hardware
  20. Hacking Tools For Beginners
  21. Hacker Tools
  22. Tools 4 Hack
  23. Hacker Tools Apk
  24. Hacking Tools For Windows 7
  25. Kik Hack Tools
  26. Best Hacking Tools 2019
  27. Hacker Security Tools
  28. Github Hacking Tools
  29. Hacker Tools Free
  30. Hacker Search Tools
  31. Hacking App
  32. Usb Pentest Tools
  33. Hack Tools Download
  34. Hacker Hardware Tools
  35. Hack App
  36. Pentest Reporting Tools
  37. Hack Tools For Games
  38. Pentest Tools List
  39. Pentest Tools Review
  40. Hack Tools For Pc
  41. Game Hacking
  42. Pentest Tools Bluekeep
  43. Hacker Tools Apk Download
  44. Hacker Tools For Ios
  45. Hacking Apps
  46. Hacker Tools Linux
  47. Hacking Tools Online
  48. Wifi Hacker Tools For Windows
  49. Pentest Tools Website
  50. Bluetooth Hacking Tools Kali
  51. Pentest Tools For Android
  52. Hack Tools Pc
  53. Android Hack Tools Github
  54. Best Hacking Tools 2019
  55. Hacking Tools Kit
  56. Hackers Toolbox
  57. Hack Tools For Mac
  58. Hacker Tools Apk Download
  59. Pentest Tools Kali Linux
  60. Pentest Recon Tools
  61. Best Pentesting Tools 2018
  62. Best Hacking Tools 2019
  63. Hacker Tools Hardware
  64. Best Pentesting Tools 2018
  65. Beginner Hacker Tools
  66. Pentest Tools For Mac
  67. Pentest Tools For Windows
  68. Pentest Tools Framework
  69. Hacking Tools 2019
  70. Computer Hacker
  71. Hacker
  72. Hacker Hardware Tools
  73. Hack App
  74. Hacking Tools Pc
  75. Hacker Tools
  76. Hacking Tools For Windows
  77. Pentest Tools Online
  78. Pentest Tools Android
  79. Pentest Tools Bluekeep
  80. Pentest Tools Find Subdomains
  81. Hack Tools For Windows
  82. Pentest Tools Nmap
  83. Pentest Tools Bluekeep
  84. Hacker Tools 2019
  85. Hacking Tools Usb
  86. Pentest Tools For Windows
  87. Computer Hacker
  88. Hack Apps
  89. Hacking Tools Windows 10
  90. Hacking Tools
  91. World No 1 Hacker Software
  92. Hackers Toolbox
  93. Hack Tools
  94. Pentest Tools Linux
  95. Hacker Hardware Tools
  96. Pentest Box Tools Download
  97. Hack Tools Mac
  98. Pentest Tools Nmap
  99. World No 1 Hacker Software
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)