Pwning the Ladybird Browser


Intro

Ladybird is a relatively new browser engine originating from the SerenityOS project. Currently, it's in pre-alpha and improving quickly.

The real integer overflow in TypedArray looked really promising — but it seems hard to exploit, with all the bounds checks protecting vectors from bad accesses. In this case, the UAF occurs in the glibc malloc heap (since that's where the argument buffer is allocated), rather than in a garbage-collected arena where a lot of objects actually reside. The malloc heap mainly holds backing buffers and such, introducing a bit of complexity when it comes to finding the right objects for a leak; although this is somewhat mitigated by the powerful primitives available.
