Http: switch to subcategories

2011-10-03T07:13:32Z

switch to subcategories

Http: another page for category Patches - also from Stefan Esser's BlackHat presentation

2011-09-25T21:12:48Z

another page for category Patches - also from Stefan Esser's BlackHat presentation

New page

{{DISPLAYTITLE:vm_map_enter Patch}}
*vm_map_enter disallows pages with both VM_PROT_WRITE and VM_PROT_EXECUTE
*when found VM_PROT_EXECUTE is cleared
*patch just NOPs out the check

__text:8004193E LDR R6, [SP,#0xCC+arg_14]
__text:80041940 STR R3, [SP,#0xCC+arg_54]
__text:80041942 BNE loc_8004199E
__text:80041944 TST.W R6, #2
__text:80041948 BNE loc_800419AC <== replaced with NOP
__text:8004194A
__text:8004194A loc_8004194A ; CODE XREF: _vm_map_enter+90↓j
__text:8004194A ; _vm_map_enter+96↓j ...
__text:8004194A LSRS R3, R4, #1
__text:8004194C AND.W R5, R3, #1

__text:800419AC ; ---------------------------------------------------------------------------
__text:800419AC
__text:800419AC loc_800419AC ; CODE XREF: _vm_map_enter+28↑j
__text:800419AC TST.W R6, #4
__text:800419B0 BEQ loc_8004194A
__text:800419B2 ANDS.W R0, R4, #0x80000
__text:800419B6 BNE loc_8004194A
__text:800419B8 LDR.W R1, =aVm_map_enter ; "vm_map_enter"
__text:800419BC BL sub_8001A9E0
__text:800419C0 BIC.W R6, R6, #4
__text:800419C4 B loc_8004194A
__text:800419C6 ; ---------------------------------------------------------------------------
[[Category:Patches]]

@@ Line 27: / Line 27: @@
  __text:800419C4                 B               loc_8004194A
  __text:800419C6 ; ---------------------------------------------------------------------------
-[[Category:Patches]]
+[[Category:Kernel Patches]]

Vm map enter Patch - Revision history

Http: switch to subcategories

Http: another page for category Patches - also from Stefan Esser's BlackHat presentation