Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages


News and updates from the Project Zero team at Google

I’ll detail how I used a custom fuzzing harness, dynamic instrumentation, and plenty of debugging and static analysis to identify a high-risk type confusion vulnerability in the coreaudiod system daemon. A bit of research showed me that as of macOS Big Sur, most framework binaries are not stored on disk but within the dyld shared cache, a mechanism for pre-linking libraries to allow applications to run faster. After many fuzzing harness iterations, lldb “next instruction” commands, and hours spent overheating my MacBook Pro, I had finally begun to acquire an understanding of the CoreAudio framework and generate some meaningful crashes.
