Closed ghost closed 6 years ago
Sorry, I raised the above query using my official GitHub account and hence deleted it. I am interested in knowing from you if there exist vulnerabilities by hijacking control flow in EOS, or if that is not possible?
For example, can I do something like this to override a system call with my own call?
https://github.com/trailofbits/clang-cfi-showcase/blob/master/cfi_vcall.cpp
Does EOS use CFI?
I don't think this will happen on EOS, as by default it uses interpretation to execute contracts.
EOS.IO is not vulnerable to system call hijacking. Each contract gets its own copies of the eosiolib calls it uses. Contracts do not call into some common library on the chain. Contracts cannot modify contracts on other accounts without an explicit authorization. Providing your own version of some other contract's functions does not interact with that other contract at all and does not somehow inherit or hijack that contract's permissions.
https://www.fastly.com/blog/hijacking-control-flow-webassembly-program
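The thread's answer rests on how WebAssembly dispatches indirect calls: a function pointer in a wasm module is not a raw code address but an index into a function table, and `call_indirect` checks the table bounds and the declared signature before any call. The C++ below is an added example, not code from the thread or from EOS.IO/eosiolib, that models that dispatch in miniature. The runtime class, the integer type indices and the two toy functions are all constructed for illustration; in real wasm the signatures genuinely differ, whereas here they only differ by declared type index.

```cpp
// Toy model of a WebAssembly-style function table with call_indirect checks.
// Added example; assumed names (Runtime, TableEntry, Trap) are not from EOS.IO.
#include <cstdint>
#include <functional>
#include <iostream>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// A signature is modelled as an integer type index, like a wasm type-section entry.
using TypeIndex = uint32_t;

struct TableEntry {
    TypeIndex type;                       // signature the function was declared with
    std::function<int64_t(int64_t)> fn;   // all toy functions take and return i64
};

struct Trap : std::runtime_error { using std::runtime_error::runtime_error; };

class Runtime {
public:
    // Register a function in the next free table slot and return its index.
    uint32_t add(TypeIndex type, std::function<int64_t(int64_t)> fn) {
        table_.push_back({type, std::move(fn)});
        return static_cast<uint32_t>(table_.size() - 1);
    }

    // call_indirect: the caller states the signature it expects and the slot it
    // read from linear memory. Both checks run before anything is called, so a
    // corrupted index cannot reach code of a different signature or leave the table.
    int64_t call_indirect(TypeIndex expected, uint32_t idx, int64_t arg) const {
        if (idx >= table_.size())
            throw Trap("undefined element");            // out-of-bounds table index
        const TableEntry& e = table_[idx];
        if (e.type != expected)
            throw Trap("indirect call type mismatch");  // signature does not match
        return e.fn(arg);
    }

private:
    std::vector<TableEntry> table_;
};

// Describe the outcome of one indirect call: "ok:<value>" or "trap:<reason>".
std::string try_call(const Runtime& rt, TypeIndex expected, uint32_t idx, int64_t arg) {
    try {
        return "ok:" + std::to_string(rt.call_indirect(expected, idx, arg));
    } catch (const Trap& t) {
        return std::string("trap:") + t.what();
    }
}

// Constructed demo table: slot 0 has type 0 (a "double" helper), slot 1 has
// type 1 (a privileged-looking "debit" helper). Values are made up.
Runtime build_demo_runtime() {
    Runtime rt;
    rt.add(0, [](int64_t x) { return x * 2; });
    rt.add(1, [](int64_t x) { return 1000 - x; });
    return rt;
}

int main() {
    Runtime rt = build_demo_runtime();
    // Legitimate call through slot 0 with the matching signature.
    std::cout << try_call(rt, 0, 0, 21) << "\n";
    // Index redirected to slot 1 while the caller expects type 0: trapped.
    std::cout << try_call(rt, 0, 1, 21) << "\n";
    // Index outside the table: trapped.
    std::cout << try_call(rt, 0, 99, 1) << "\n";
    return 0;
}
```

The two trap paths are the point: even if a contract corrupts the index it stores in its own linear memory, the runtime only ever dispatches to a table entry whose declared signature matches the call site, and never to an arbitrary address. This is a check on the wasm side; it is separate from the per-account isolation the reply describes, where each contract carries its own copy of the eosiolib functions it uses.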