Many people have used Frida for instrumentation, but it is just as important to be aware of good practices when doing so. I am going to talk about two of the most common mistakes; I make them from time to time too.
The one I see most often is provoking use-after-frees when instrumenting functions. This happens whenever the lifetime of a variable or assignment is not guaranteed within the Interceptor callbacks. An example of a dangerous situation:
The way Frida handles this callback does not guarantee that the assignments to both tempArg and one will still be valid for the whole execution of this block. This can be fixed by using this:
When you use this to store data, Frida guarantees that it lives for the entire Interceptor block; this includes sharing data and state between the onEnter and onLeave callbacks.
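The following is an added example, not code from the original post: a handler that keeps per-call state in a shared outer variable beside one that keeps it in this, plus a small driver that replays two overlapping invocations with constructed stand-ins for NativePointer and the per-call context. It assumes the hooked function is libc open() taking a C string as args[0]; only the safe handler is attached when running inside Frida.

```javascript
// Added example (not the post's own code). Assumes the hooked function takes a
// C string as args[0]; libc open() is used as the attach target.

let tempArg; // shared by every invocation on every thread: NOT safe

// Unsafe: a second thread entering open() before the first one leaves
// overwrites tempArg, so onLeave reports the wrong path.
const unsafeHandler = {
  onEnter(args) {
    tempArg = args[0].readUtf8String();
  },
  onLeave(retval) {
    return `open(${tempArg}) -> ${retval.toInt32()}`;
  }
};

// Safe: `this` is a fresh object per invocation that Frida hands to both
// callbacks, so the copied string belongs to this call until its onLeave.
const safeHandler = {
  onEnter(args) {
    // Copy the string now; the pointer need not stay valid after the callee returns.
    this.path = args[0].readUtf8String();
    this.start = Date.now();
  },
  onLeave(retval) {
    return `open(${this.path}) -> ${retval.toInt32()} (${Date.now() - this.start} ms)`;
  }
};

// Replay two interleaved invocations (enter A, enter B, leave A, leave B), the
// way two threads can overlap. Constructed stand-ins replace Frida objects.
function interleave(handler, pathA, pathB) {
  const fakePtr = (s) => ({ readUtf8String: () => s }); // stands in for NativePointer
  const fakeRet = (n) => ({ toInt32: () => n });        // stands in for retval
  const ctxA = {}, ctxB = {};                            // Frida creates one per call
  handler.onEnter.call(ctxA, [fakePtr(pathA)]);
  handler.onEnter.call(ctxB, [fakePtr(pathB)]);
  return [handler.onLeave.call(ctxA, fakeRet(3)),
          handler.onLeave.call(ctxB, fakeRet(4))];
}

if (typeof Interceptor !== 'undefined') {
  // Running inside Frida: attach the safe handler and log each call.
  Interceptor.attach(Module.getExportByName(null, 'open'), {
    onEnter(args) { safeHandler.onEnter.call(this, args); },
    onLeave(retval) { console.log(safeHandler.onLeave.call(this, retval)); }
  });
}
```

Running interleave() against both handlers shows the shared-variable version attributing the second call's path to the first call, while the this-based version keeps each call's data with its own onLeave.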