underhanded | The ultimate underhanded dotfiles | Configuration Management library

by ayust Shell Version: Current License: MIT

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | underhanded Summary

underhanded is a Shell library typically used in Devops, Configuration Management applications. underhanded has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

The ultimate underhanded dotfiles. In particular, these are intended to be clever and devious, not (just) mean.

Support

Quality

Security

License

Reuse

Support

underhanded has a low active ecosystem.

It has 252 star(s) with 21 fork(s). There are 11 watchers for this library.

It had no major release in the last 6 months.

There are 0 open issues and 1 have been closed. There are 1 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of underhanded is current.

Quality

underhanded has 0 bugs and 0 code smells.

Security

underhanded has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

underhanded code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

underhanded is licensed under the MIT License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

underhanded releases are not available. You will need to build from source code and install.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of underhanded

Get all kandi verified functions for this library.

underhanded Key Features

No Key Features are available at this moment for underhanded.

underhanded Examples and Code Snippets

No Code Snippets are available at this moment for underhanded.

Community Discussions

Trending Discussions on underhanded

Is there a way to reliably malloc the same block of memory as a previously freed block, then access the content that was previously in it?

QUESTION

Is there a way to reliably malloc the same block of memory as a previously freed block, then access the content that was previously in it?

Asked 2021-Mar-03 at 10:30

I have the following C program which requests some memory (str1), reads the content of a file into that space then frees it. Next, a block of the same size (str2) is requested, and the content is printed to stdout.

What I want is for str2 to contain the content of str1 so that the output is always the content of the file.

I am aware that what I am doing is undefined behaviour, in that I can't guarantee what the content of memory that has been allocated will contain. However, I'm trying to do some underhanded stuff for a demonstration where data from a file can be exfiltrated without it being obvious in a code review.

Almost all the time, I receive a block of memory at the same address for both str1 and str2, and most of the time when I run the program on macOS and Windows, the content of the file is printed. It seems to never happen on Linux (on Linux, calling free() seems to zero out the memory block).

Is there a way of making this more reliable on Windows and macOS, and is there any explanation for why it doesn't work at all on Linux?

My code is:

...

ANSWER

Answered 2021-Mar-03 at 09:32

Is there a way to reliably malloc the same block of memory as a previously freed block

Yes, use realloc instead of free + malloc. Otherwise there's no reliable or safe way to get the exact amount at the same address.

I receive a block of memory at the same address for both str1 and str2

Well there's not much else going on in this simple program, so perhaps no wonder. There's no guarantees though. Also, unless you actually do a write access to the heap, the memory allocation might not actually be called. So str2 could just be some random address in case the whole malloc call gets optimized away. Or alternatively, malloc is called but the OS never allocates any actual memory.

is there any explanation for why it doesn't work at all on Linux?

I don't know but I suspect ASLR might have something to with it. Some Linux guru will have to answer that part.

Source https://stackoverflow.com/questions/66454053

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install underhanded

You can download it from GitHub.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: