if you're unsure if a given exploit technique is in scope just ask me.
(I do have other things to do, so it may be a few days before I have enough time, but no more than a week.)
given that you announced your intention a year ago, i think i can wait a little longer ;).
did you fix the issue I pointed out… I think it was a few months ago? with rbp/rsp
that nitter.vloup.ch/paxteam/status/8… ? the private version has always had a pass to undo the damage (and more that you aren't aware of yet).
you mean the gcc codegen 'feature' when frame ptrs are enabled? imagine it's fixed or frame ptrs are off and work from there.
does the public one have it now or do i just have to guess what works and what doesn’t?
no it does not but you can also tell by looking at the generated asm, no need to guess. i suggested to disable frame ptrs as an alternative.
huh? i asked for a binary of the private version and you said no. so how could i tell by looking at the generated asm?
you asked if the public one had it and you can certainly look at its output.
my point is that i don’t care about exploring or exploiting issues that only exist in the public, now deprecated version. obviously.
then i don't get why you asked about the public one...

Apr 29, 2017 · 10:38 PM UTC

if the mitigation for that particular issue were in the public version, I wouldn’t have to guess whether it was a bug in the private version
you never had to guess as i told you back then that it wasn't an issue at all.