CVE-2015-0311 debug notes

This is my first time analyzing a Flash sample, and I will show some skills and experience in how to analyze one.

—-

(1) root cause analysis

ApplicationDomain.currentDomain.domainMemory will point to a global array we defined. When we perform certain operations on this array, an exception occurs. We first compress the array, then corrupt its data, and then uncompress it. Because we changed the data in the array, the uncompress fails, and domainMemory is not notified, so domainMemory still points to the old array, which has already been freed.

Note: we can find the code in avmplus (open source).

—-

(2) how to start

First we need to find the functions in the …..
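The stale-reference pattern from the root cause analysis in (1), as an added C model that is not avmplus code and not from the original post. The names `Buffer`, `View`, `fake_inflate` and `notify_on_error`, and the way the storage is swapped, are assumptions of the model; it only shows that an error path which skips the notification leaves the cached base address pointing at freed storage, and that notifying on every path fixes it.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model types (assumptions, not avmplus structures). */
typedef struct { uint8_t *data; size_t len; } Buffer;
typedef struct { uintptr_t base; size_t len; } View; /* plays the role of domainMemory */

static void view_bind(View *v, const Buffer *b) {
    v->base = (uintptr_t)b->data;
    v->len = b->len;
}

/* Constructed stand-in for zlib inflate: fails unless the data starts with 0x78. */
static int fake_inflate(const uint8_t *in, size_t n, uint8_t *out) {
    if (n == 0 || in[0] != 0x78) return -1;
    memcpy(out, in, n);
    return 0;
}

/* Swap the backing store. On failure the view is rebound only if notify_on_error is set. */
static int buffer_uncompress(Buffer *b, View *v, int notify_on_error) {
    uint8_t *fresh = malloc(b->len); /* old block is still live, so the addresses differ */
    if (!fresh) return -1;
    int rc = fake_inflate(b->data, b->len, fresh);
    if (rc != 0) memcpy(fresh, b->data, b->len); /* keep the bytes, in new storage */
    free(b->data);                               /* old storage is gone on both paths */
    b->data = fresh;
    if (rc == 0 || notify_on_error) view_bind(v, b);
    return rc;
}

/* Returns 1 if the view refers to live storage after the scenario, 0 if it is stale. */
int run_scenario(int corrupt, int notify_on_error) {
    Buffer b = { malloc(16), 16 };
    View v;
    if (!b.data) return -1;
    memset(b.data, 0, b.len);
    b.data[0] = 0x78;                 /* constructed "compressed" data */
    view_bind(&v, &b);
    if (corrupt) b.data[0] = 0x00;    /* corrupt the data so uncompress fails */
    buffer_uncompress(&b, &v, notify_on_error);
    int current = (v.base == (uintptr_t)b.data); /* compares addresses, never dereferences */
    free(b.data);
    return current;
}

int main(void) {
    printf("error path, no notify: view current = %d\n", run_scenario(1, 0));
    printf("error path, notify:    view current = %d\n", run_scenario(1, 1));
    return 0;
}
```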