Hi. First off want to say that this is a pretty great tool and helps cut down on research time. Like everything it's prone to false positives or negatives but it's been doing well so far.
Except when the C++ standard library is concerned. You see, these all point to the same call.
This very egregious result all points to one function. If you just glance over HLIL, you can see what might look like a double-free or use-after-free issue.
Except for the fact that if you actually look at the HLIL, it appears to be walking the arguments and freeing them. No occurrence of freeing the same argument twice, nothing that looks like (to me) a use-after-free. Then again, I'm still learning the ropes of HLIL.
I can send the binary in question, though as it's a private affair it'd have to be over email or something. Either way, I'd suggest tuning the UaF/Double free/Free "issues" in general to be a lot less zealous, and if possible, ignore C++ standard library functions, because I doubt that if this were present, it'd have made it past the C++ standards committee.
Keep up the good work, regardless. Aside from the problems with free/operator delete, it has found actual bugs and does cut down on research time. If you can provide an email to where I can share the binary (and a few others that have had similar issues) I'd be happy to help you investigate the issue.
Best regards,
impost0r
Hello,
Thanks for pointing this out. Please send the binaries you can to [email protected]. I will not have much free time in the upcoming 3 weeks but I will try to have a look whenever I can.