168 - Exploiting Undefined Behavior and a Chrome UAF
2022-11-17 07:45:31 Author: dayzerosec.com

No specific issue here, just talking about what divergent representations are.

A divergent representation occurs when a compiler applies program optimizations that cause a single source variable to be represented with different semantics in the output program.

Or, more concretely:

int index_of(char *buf, char target) {
    int i;
    for (i=0; buf[i] != target; i++) {}
    return i;
}
/* ... */
buf[index_of(buf, target)] == target

Here the condition can be false because the compiler produces divergent representations of i in index_of, which is what happens when the code is compiled with -O1 and above.
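The following is an added example, not code from the episode or the research it discusses. It models the divergence at a reduced scale so it shows on a 300-byte buffer, and puts a hardened index_of beside it. It assumes the divergence comes from the loop addressing memory with a wider copy of i than the value handed back to the caller. The names index_views, index_of_model, views_agree and index_of_checked are hypothetical, and the sample buffer is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of the two representations of `i`, scaled down to size_t vs. 8 bits
   (assumption: the real case is a 64-bit loop index vs. a 32-bit int return). */
struct index_views {
    size_t wide;   /* index the loop's memory accesses actually used */
    int    narrow; /* value the caller receives after truncation to 8 bits */
};

static struct index_views index_of_model(const char *buf, size_t len, char target) {
    struct index_views v = {0, 0};
    while (v.wide < len && buf[v.wide] != target)
        v.wide++;
    /* Keep the low 8 bits and sign-extend, as a narrow signed return would. */
    v.narrow = (int)(v.wide & 0xFF);
    if (v.narrow >= 128) v.narrow -= 256;
    return v;
}

/* 1 when both views name the same element, 0 when they diverge. */
static int views_agree(struct index_views v) {
    return v.narrow >= 0 && (size_t)v.narrow == v.wide;
}

/* Hardened form: a single unsigned, pointer-width index and an explicit bound.
   Returns len when target is absent, so the caller can check before indexing. */
static size_t index_of_checked(const char *buf, size_t len, char target) {
    size_t i;
    for (i = 0; i < len && buf[i] != target; i++) {}
    return i;
}

/* Constructed sample: 300 filler bytes with the target only at offset 200. */
static char sample[300];
static void make_sample(void) {
    memset(sample, 'a', sizeof sample);
    sample[200] = 'X';
}

int main(void) {
    make_sample();
    struct index_views v = index_of_model(sample, sizeof sample, 'X');
    printf("wide=%zu narrow=%d agree=%d\n", v.wide, v.narrow, views_agree(v));
    printf("checked=%zu\n", index_of_checked(sample, sizeof sample, 'X'));
    return 0;
}
```

In the model the loop stops at offset 200 while the caller sees -56, so indexing with the returned value reads a different (here out-of-bounds) element. The checked form returns the same index the loop used.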


Source: https://dayzerosec.com/podcast/168.html