polygraphene / DirtyPipe-Android

Dirty Pipe root exploit for Android (Pixel 6)

Empty Space Size - Stage1 Payload is too Large #19

Closed diabl0w closed 1 year ago

diabl0w commented 1 year ago

Hi, I am trying to run on a Z Fold 3 using "libtriplecam_video_optical_zoom.so" and your beta-4 release from the S22 thread.

I am getting an error:

Offset found: shellcode_offset: a5fe0 hook_offset: 5cbbc first instruction: a9be7bfd
Empty space size: 32 bytes
Stage1 payload (344 bytes) is too large. Exit.

I am not sure which empty space it is trying to check, and if there is anything I can do about it.

diabl0w commented 1 year ago

I believe this is checking free space in libc++.so? If that is the case, attempting to understand https://raw.githubusercontent.com/polygraphene/DirtyPipe-Android/master/TECHNICAL-DETAILS.md, it seems that stage 1 is required because:

finit_module can load vendor_kernel_modules or vendor_file. Both are not readable by adb shell or non-system app. So kernel module must be prepared by other selinux contexts. init context can be used for that (stage1 payload).

I have access to run commands as system user UID 1000 from another exploit. Does that mean I can skip that part altogether then?

diabl0w commented 1 year ago

Whelp, I wasted a day on this. My kernel only goes up to 5.4 even on Android 13... WHOOPS lol