How Mayhem Helped Uncover a Security Vulnerability in RustOS (CVE-2022-36086)
ForAllSecure
DECEMBER 1, 2022
The target of interest for this example comes from Philipp Opperman's amazing " BlogOS ". This data structure manages a large, linear array of memory and provides convenient access to smaller, dynamically sized chunks of that memory to callers. We can't just call Heap::deallocate , for example, with a randomly generated pointer!
Let's personalize your content