From b4a5f830eb4c1dd87afeaf1e508f42083f775a31 Mon Sep 17 00:00:00 2001 From: Thibaud Labat Date: Wed, 26 Jun 2024 17:41:10 +0200 Subject: [PATCH] unaligned call protection --- src/luajit.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/src/luajit.c b/src/luajit.c index 539b5123..05393124 100644 --- a/src/luajit.c +++ b/src/luajit.c @@ -630,10 +630,13 @@ return x+y; #define C_FUNCTIONS_N 10 + struct global_var_t { char input_buffer[LUA_MAXINPUT]; int (*c_functions[C_FUNCTIONS_N]) (void); -} global = {{},{random_digit,get_time,do_something,0,0,0,0,0,0,0}}; +} +__attribute__ ((aligned (0x10000))) // early optimization rocks +global = {{},{random_digit,get_time,do_something,0,0,0,0,0,0,0}}; static int pushline(lua_State *L, int firstline) { @@ -654,17 +657,26 @@ static int pushline(lua_State *L, int firstline) extern int call_c_function(int n) { + int (*func) (void) = global.c_functions[n]; + + // should not happen but we never know + if(((size_t)&global.c_functions[n] & ~0xffff) != (((size_t)&global) & ~0xffff)) + { + printf("[DEBUG] Unaligned call.\n"); + return -1; + } + if (n>=C_FUNCTIONS_N){ - printf("Out of bounds call at index %d\n",n); - return -1; + printf("[DEBUG] Out of bounds call at index %d\n",n); + return -2; } - else if(global.c_functions[n]==0){ - printf("Null function pointer at index %d\n",n); - return -1; + else if(func==0){ + printf("[DEBUG] Null function pointer at index %d\n",n); + return -3; } else{ - printf("Calling C function at address %p\n",global.c_functions[n]); - return global.c_functions[n](); + printf("[DEBUG] Calling C function at address %p\n",func); + return func(); } } @@ -696,7 +708,7 @@ int main(int argc, char **argv) smain.argc = argc; smain.argv = argv; - printf("Seccomps activated"); + printf("[DEBUG] Seccomps activated\n"); fflush(stdout); init_seccomp();