oss-sec mailing list archives
Suspicious hook-loading mechanism in hyprland
From: Sam James <sam () gentoo org>
Date: Sun, 28 Apr 2024 16:34:01 +0100
Hi! Someone passed along https://blog.vaxry.net/articles/2024-own-malloc to me, and I noticed some curious bits. hyprland seems to have committed an interesting homebrew malloc implementation (which is fine in theory), but the reasons for it existing & how it works are not so fine. Fisrt, it relies on writing an object file at a predictable path in /tmp and reading it back later. It was needed to facilitate a trampoline which looks.. unsound. The whole hook system looks terrifying. Initial reading: * https://github.com/hyprwm/Hyprland/blob/965a2e5b213eee595808bc7bff28e7df59442720/src/plugins/HookSystem.cpp#L138 * https://github.com/hyprwm/Hyprland/blob/965a2e5b213eee595808bc7bff28e7df59442720/src/plugins/HookSystem.cpp#L188 There are some primitives that may be useful even once the hook setup is done too. I have charitably termed the mechanism "not robust". I haven't reported it upstream because of their hostility on other matters. I don't feel too guilty about not having reported it given it fell out so immediately upon inspection. I don't plan on spending more time on this, sorry, but I felt like I had to share it. thanks, sam
Attachment:
signature.asc
Description:
Current thread:
- Suspicious hook-loading mechanism in hyprland Sam James (Apr 28)