-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathAllocation.py
77 lines (57 loc) · 2.08 KB
/
Allocation.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
"""
This file is part of SEA.
reserbot is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
reserbot is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with SEA. If not, see <http://www.gnu.org/licenses/>.
Copyright 2013 by neuromancer
"""
class Allocation:
buffers = dict()
dfrees = []
overflows= []
uaf = []
def __init__(self):
self.buffers = dict()
def alloc(self, address, counter, size):
self.buffers["h.0x"+str(address)+"."+str(counter)] = size
def free(self, buf, counter):
if (buf in self.buffers):
del self.buffers[buf]
else:
self.dfrees.append((buf, counter))
def check(self, memaccess, counter):
mem_source = memaccess["source"]
mem_offset = memaccess["offset"]
if ("h." in mem_source):
if (not (mem_source in self.buffers.keys())):
self.uaf.append((mem_source, counter))
else:
size = self.buffers[mem_source]
if (mem_offset >= size):
self.overflows.append((mem_source, mem_offset, counter))
def report(self):
if (len(self.buffers) > 0):
print "Live buffers:"
print self.buffers
else:
print "No live buffers."
if (self.overflows <> []):
print "Heap overflow detected!"
for (s,o,c) in self.overflows:
print s, "("+str(o)+")", "at", c
if (self.uaf <> []):
print "Use-after-free detected!"
for (s,c) in self.uaf:
print s, "at", c
if (self.dfrees <> []):
print "Double frees detected!"
for (s,c) in self.dfrees:
print s, "at", c
#AllocationLog = Allocation()