korginator | 1 year ago

Valgrind will tell you about memory leaks and won't always behave the way it did here when there's a backdoor. In this case it just so happened that valgrind was throwing errors because the stack layout didn't match what the exploit was expecting. Otherwise valgrind would have probably worked without issues.

rowanG077|1 year ago

The idea is not "valgrind will detect all tomfoolery". The idea here is "if valgrind detects something it may be an indication of tomfoolery."

farmdve|1 year ago

Exactly.

Also remember this

>> odd valgrind complaint in automated testing of postgres

I would imagine compiling a list of odd complaints may yield something, or nothing at all.

valevk|1 year ago

> the stack layout didn't match what the exploit was expecting.

What does that mean? Why is the exploit expecting something from the stack layout and why does valgrind complain?

galangalalgol|1 year ago

I am also curious, and if something like asan would also have found it? It seems social engineering was used to get MS to stop fuzzing the library for malicious code, so if the malicious party expected the valgrind behavior they might have removed it as well.