|
|
|
|
|
|
by saagarjha
2148 days ago
|
|
|
JavaScriptCore had an amusing scheme where they'd make an (executable) memcpy gadget with the address hardcoded, then throw away read permissions to that memory. So the pointer's address is thus not readable without modifying memory permissions. |
|
|