runtime: errorCString can be used to read arbitrary memory #7084
Labels
Milestone
Comments
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This cute little program demonstrates how to use runtime.errorCString to read arbitrary contents of memory. The key is that errorCString has a public method that does an unsafe operation, and that errorCString is a uintptr so once one has a copy of an errorCString value, one can use reflect to produce an errorCString with any value you like. This doesn't let you do anything you can't already do by importing unsafe, but it does let you do it without, well, importing unsafe. We should fix errorCString to prevent this. package main import ( "fmt" "reflect" ) // Display a hex dump of myself! Without using the unsafe module! // All we need is a C-string backed error object... func memwalk(e error) { var addr uint64 = 0x400000 // Or use reflect.ValueOf(e).Uint() to start at e... mutableValue := reflect.New(reflect.ValueOf(e).Type()).Elem() for { fmt.Printf("%016x: ", addr) var i uint64 for i = 0; i <= 0xF; i++ { mutableValue.SetUint(addr + i) s := mutableValue.Interface().(error).Error() var b uint8 = 0 if len(s) > 15 { b = s[15] } fmt.Printf("%02x ", b) } fmt.Printf("| ") for i = 0; i <= 0xF; i++ { mutableValue.SetUint(addr + i) s := mutableValue.Interface().(error).Error() var b uint8 = 0 if len(s) > 15 { b = s[15] } if b >= ' ' && b <= '~' { fmt.Printf("%c", b) } else { fmt.Print(".") } } fmt.Print("\n") addr += 0x10 } } // The main program of the memory dumper. func main() { defer func() { memwalk(recover().(error)) }() // Produce a C string backed error somehow... c := make(chan int) close(c) c <- 42 }The text was updated successfully, but these errors were encountered: