Based on the author’s name, I think the audience is likely exploit developers. If you’ve found a memory corruption vulnerability in a program written in C/C++, you’ll likely need to have fine control of the heap in order to achieve control of execution. For example, imagine you’ve found a heap overflow, meaning data is being written outside the bounds of an allocation into an adjacent allocation. In that case you’d need to understand where glibc places each allocation so that you can control which object gets overwritten.
No comments yet.