search

xoreaxeaxeax / sandsifter

The x86 processor fuzzer
BSD 3-Clause "New" or "Revised" License
4.91k stars 350 forks source link

RWX mprotect #57

Open lanodan opened 7 years ago

lanodan commented 7 years ago

I am using Gentoo Hardened (and so I have W^X protection with the PaX/grsecurity patches).

$ su -c './sifter.py --unk --dis --len --sync --tick -- -P1 -t'
Password:
injector: injector.c:1410: int main(int, char **): Assertion `!mprotect(packet_buffer,PAGE_SIZE,PROT_READ|PROT_WRITE|PROT_EXEC)' failed.
$ su -c dmesg
Password:
…
[246009.553043] grsec: denied RWX mprotect of <heap> by /mnt/gentoo/home/haelwenn/Sources/git/github.com/xoreaxeaxeax/sandsifter/injector[injector:5204] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/python2.7[python2:5201] uid/euid:0/0 gid/egid:0/0
[246009.553135] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /mnt/gentoo/home/haelwenn/Sources/git/github.com/xoreaxeaxeax/sandsifter/injector[injector:5204] uid/euid:0/0 gid/egid:0/0,
parent /usr/bin/python2.7[python2:5201] uid/euid:0/0 gid/egid:0/0
ljmccarthy commented 6 years ago

I have the same issue on Alpine Linux.

usury commented 6 years ago

I saw a similar problem on a linux system with selinux enabled. Assigning "injector" to a proper context and "auditing to allow" worked for me

ausearch -c 'injector' --raw | audit2allow -M my-injector