Re:Install a fix not from Apple? Fat Chance
on Month of Apple Fixes · Score: 1
Hi Landon, thanks for the fix.
One concern I'd like to point out (having looked at your source) is that you use NSAddImage to load the QuickTimeStreaming component in order to resolve the address of the problem function. The concern is that every process will then have the QuickTimeStreaming component and its dependencies loaded into memory.
Aside from the excess use of address space that you point out, this may unintentionally expose more applications to bugs from frameworks they don't normally link against, such as:
QuickTime
QuickTimeStreaming
Carbon
SystemConfiguration
Security
AudioToolbox
AudioUnit
libobjc
I wouldn't be surprised to see these guys take advantage of this in a future exploit.
I'm not too familiar with dyld or APE patching unfortunately so I don't have a solution to offer. Ideally, one can patch only those apps or bundles that link against the QTS framework themselves.
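A scoping check along the lines of the comment's last sentence, added here as an example that is not part of the comment or of Landon's fix: it parses a thin Mach-O image's load commands and reports whether the image links against QuickTimeStreaming.framework, so a patch could be applied only to those binaries rather than loaded into every process. The sample images are constructed inline (headers and load commands only); fat binaries and the patching mechanism itself are out of scope.

```python
import struct

# Mach-O constants from <mach-o/loader.h>
MH_MAGIC, MH_CIGAM = 0xFEEDFACE, 0xCEFAEDFE        # 32-bit, native / byte-swapped
MH_MAGIC_64, MH_CIGAM_64 = 0xFEEDFACF, 0xCFFAEDFE  # 64-bit, native / byte-swapped
DYLIB_CMDS = (0x0C, 0x80000018, 0x8000001F)        # LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB, LC_REEXPORT_DYLIB

def linked_dylibs(image: bytes) -> list:
    """Install names of every dylib a thin Mach-O image links against."""
    magic = struct.unpack_from("<I", image, 0)[0]
    if magic in (MH_MAGIC_64, MH_CIGAM_64):
        endian, hdr_size = ("<" if magic == MH_MAGIC_64 else ">"), 32
    elif magic in (MH_MAGIC, MH_CIGAM):
        endian, hdr_size = ("<" if magic == MH_MAGIC else ">"), 28
    else:
        raise ValueError("not a thin Mach-O image (fat binaries must be sliced first)")
    ncmds = struct.unpack_from(endian + "I", image, 16)[0]
    names, off = [], hdr_size
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from(endian + "II", image, off)
        if cmdsize < 8 or off + cmdsize > len(image):
            raise ValueError("malformed load command")   # refuse truncated input
        if cmd in DYLIB_CMDS:
            # dylib_command: cmd, cmdsize, then the lc_str offset of the install name
            name_off = struct.unpack_from(endian + "I", image, off + 8)[0]
            raw = image[off + name_off:off + cmdsize]
            names.append(raw.split(b"\0", 1)[0].decode())
        off += cmdsize
    return names

def links_against(image: bytes, framework: str = "QuickTimeStreaming.framework") -> bool:
    """True if this image is a candidate for the QTS patch, False if it should be left alone."""
    return any(framework in name for name in linked_dylibs(image))

# Constructed sample images (headers and load commands only, not real binaries).
def _dylib_cmd(name: str) -> bytes:
    payload = name.encode() + b"\0"
    payload += b"\0" * (-len(payload) % 8)             # load commands are 8-byte aligned
    return struct.pack("<IIIIII", 0x0C, 24 + len(payload), 24, 0, 0, 0) + payload

def _macho64(names) -> bytes:
    cmds = b"".join(_dylib_cmd(n) for n in names)
    # magic, cputype (x86_64), cpusubtype, filetype (MH_EXECUTE), ncmds, sizeofcmds, flags, reserved
    return struct.pack("<IIIIIIII", MH_MAGIC_64, 0x01000007, 3, 2, len(names), len(cmds), 0, 0) + cmds

QTS_CLIENT = _macho64(["/usr/lib/libSystem.B.dylib",
                       "/System/Library/Frameworks/QuickTimeStreaming.framework/QuickTimeStreaming"])
PLAIN_APP = _macho64(["/usr/lib/libSystem.B.dylib"])
```

On a real system the same check would be run over each slice of a fat binary and over the bundles an application loads, which is where `otool -L` style output comes from.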