[Fantasy🧚‍♂️Time⏰] MTE-Assisted Temporal Memory Safety Protection
What is MTE? ARM Memory Tagging Extension (MTE) is a security feature designed to mitigate common memory-related vulnerabiliti...
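[Pessimistic Take] The Village of 100 PhDs
One day, by chance, I came across a YouTube video titled 「創作童話 博士が100人いる村」. The video caught my interest: it deals with the subject of pursuing a PhD, and it reminded me that both the Chinese-speaking and the English-speaking worlds have some classic essays meant to urge people who want to pursue a PhD to think it over carefully. For example, the classic cautionary... that I read back then...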
Some weird things about memory access in Linux
In-field Overflow Access: In lib/xz/xz_dec_lzma2.c, we can find the following code: static void lzma_reset(struct xz...
Kernel Sanitizer Details
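Tips: Although the user-space Memory Sanitizer uses the original memory together with its corresponding shadow memory, with a static mapping between the two, KMSAN's shadow memory is allocated dynamically, and the shadow page for each page is stored in struct page. ...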
UAF Sanitization Reimagined: A Look at a Lightweight Solution
Motivation: UAF, or use after free, is a common vulnerability in C/C++ programs. It occurs when a pointer to a freed memor...
DIY Sanitizer: How to Add Your Own Pass in LLVM
In this passage, I will demonstrate how to integrate your pass into LLVM. The new pass is called “OverflowDefense”, and it is...
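[Undergraduate Retrospective] What Is the Right Path?
(This post is under review and temporarily unavailable)
Microcontrollers from Scratch
This post describes how to develop a simple LED-blinking program on the STM32F411 and explains in detail how a microcontroller runs its firmware. In theory, learning microcontrollers is strictly easier than learning the two courses on operating systems and computer architecture, because those two courses study the modern computer, a system with excellent performance and...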
Heap Exploitation CheatSheet
Glibc Check List. Function name | Check | Error message: unlink | p->size == nextchunk->pre_size | corrupted size vs prev_size; unlink ...
Emacs Config in OI
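Introduction: Now that VSCode is everywhere, emacs is no longer the editor of choice for OIers, but emacs has been with me for a long time and I cannot give it up, so I decided to back up my emacs configuration here. Feature overview: hide unneeded controls: (menu-bar-mode 0)(tool...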
What are the rules of the world?