Interprocess Use of Uninitialized Memory detection using REVEN

09 Mar 2021 by Quentin and Louis - REVEN - Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Continuing in the series of vulnerability detection scripts, such as the BoF article and the UAF article, today’s article introduces a notebook to detect uses of uninitialized heap memory in REVEN scenarios. In memory unsafe languages such as C, it is common for variables to start their life uninitialized. Some...