dismantl / linux-injector

Utility for injecting executable code into a running process on x86/x64 Linux
GNU General Public License v3.0
258 stars 45 forks

Excess memory allocation #2

Open Smattr opened 8 years ago

Smattr commented 8 years ago

IIUC 17d4a603fc8ca330cc12f0bef0b8deb6ea3f638a modified ptrace_writemem to expect the size of its input to be word-aligned. It did this by pushing the alignment adjustment outwards into ptrace_writemem's callers. However, the new alignment adjustment is not equivalent. In particular, prior to this commit the size would not be adjusted if it was already word-aligned. Following this commit a word-aligned size is incremented by another word. I'm unsure if this was intentional or not, but it looks to me as if this extra word is unnecessary and goes unused. If you agree with this assessment and are happy to take a pull request, I can have a go at changing this to only increase the size when it's not already word-aligned. Thanks!

dismantl commented 8 years ago

You're right, it would add an extra word if the payload length was already word-aligned. Since the newly allocated payload buffer is filled with NOPs before the shellcode is copied into it, it shouldn't affect the functionality. But for the sake of code cleanliness, I'm happy to accept a pull request that fixes this. Thanks for pointing it out.
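To make the discrepancy concrete, here is an added C example (not the project's code) that reconstructs the two adjustments the thread compares: an always-add form, assumed to match the post-commit behaviour described above, and a round-up that leaves an already word-aligned size unchanged. The word size is taken as `sizeof(long)`, the unit PTRACE_POKETEXT writes.

```c
#include <stddef.h>
#include <stdio.h>

/* PTRACE_POKETEXT writes one long at a time, so payload buffers are sized
 * in whole words of this size. */
#define WORD_SIZE sizeof(long)

/* Assumed reconstruction of the post-commit adjustment the issue describes:
 * it always adds the remaining part of a word, so an already-aligned size
 * grows by a full extra word. Constructed for illustration, not the
 * project's own code. */
size_t adjust_always(size_t size)
{
    return size + (WORD_SIZE - (size % WORD_SIZE));
}

/* Round up only when the size is not already a multiple of WORD_SIZE.
 * The branch-free form relies on WORD_SIZE being a power of two. */
size_t adjust_if_needed(size_t size)
{
    return (size + WORD_SIZE - 1) & ~(WORD_SIZE - 1);
}

/* Bytes the always-add variant allocates beyond what is needed. */
size_t excess_bytes(size_t size)
{
    return adjust_always(size) - adjust_if_needed(size);
}

int main(void)
{
    /* Constructed payload lengths; the aligned ones are where the two differ. */
    size_t sizes[] = {1, 7, 8, 9, 16, 23, 24};
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        printf("size %2zu -> always %2zu, if-needed %2zu, excess %zu\n",
               sizes[i], adjust_always(sizes[i]), adjust_if_needed(sizes[i]),
               excess_bytes(sizes[i]));
    return 0;
}
```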