New technique discovered for exploiting vulnerabilities in SQLite

Vulnerable versions of SQLite

Check Point researchers recently revealed, at the DEF CON conference, the details of a newly discovered technique that is used to attack applications that use vulnerable versions of SQLite.

The Check Point method treats database files as an opportunity to build scenarios for exploiting vulnerabilities in various internal SQLite subsystems that cannot be reached for head-on exploitation. The researchers also developed a technique for exploiting vulnerabilities by encoding the exploit as a chain of SELECT queries in the SQLite database, which allows ASLR to be bypassed.

About the vulnerability

The Check Point researchers explain that, for a successful attack, the attacker must be able to modify the database files of the targeted applications. This limits the method to attacks on applications that use SQLite databases as a format for transit and input data.

They also note that the method can be used to expand local access that has already been obtained, for example to integrate hidden backdoors into the applications in use, and to evade security researchers when they analyze malware.

After the file has been substituted, exploitation takes place at the moment the application executes its first SELECT query against a table in the modified database.

As an example, the ability to execute code on iOS when the address book is opened was demonstrated: the file holding the «Address Book» database was modified using the proposed method.

For the attack, a vulnerability in the fts3_tokenizer function was used (CVE-2019-8602, the ability to dereference a pointer), which was fixed in the April SQLite 2.28 update, along with another vulnerability in the implementation of window functions.

The researchers also demonstrated the use of the method to remotely seize control of an attackers' backend server written in PHP, which collects passwords intercepted while the malicious code is running (the intercepted passwords were transmitted in the form of an SQLite database).

The attack method is based on two techniques, Query Hijacking and Query Oriented Programming, which allow problems that lead to memory corruption in the SQLite engine to be exploited.

The essence of "query hijacking" is to replace the content of the "sql" field in the sqlite_master service table, which defines the structure of the database. That field contains a DDL (Data Definition Language) block used to describe the structure of the objects in the database.

The description is written in standard SQL syntax, i.e. the "CREATE TABLE" construct, which is executed while the database is being initialized (during the first call to the sqlite3LocateTable function) and is used to create the in-memory internal structures associated with the table.

The idea is that, by replacing "CREATE TABLE" with "CREATE VIEW", it becomes possible to control any access to the database through the definition of the view.

In turn, the "CREATE VIEW" statement attaches a "SELECT" operation to the table; this operation is invoked instead of "CREATE TABLE" and lets the attacker reach various parts of the SQLite interpreter.

Beyond this, the simplest way to attack would be to call the "load_extension" function, which allows the attacker to load an arbitrary library with an extension, but this function is disabled by default.
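A defensive pre-check for the hijack described above, as an added example that is not from the Check Point research or the original article: before an application runs its first SELECT on an untrusted file, it reads only sqlite_master and flags expected tables that are really views, and DDL text that calls the functions named here. The table name contacts, the helper names and all sample data are assumptions constructed for illustration.

```python
import re
import sqlite3

# Functions the article names as reachable from a hijacked schema.
RISKY_FUNCS = ("load_extension", "fts3_tokenizer")

def read_schema(conn):
    """Return (type, name, sql) rows from sqlite_master without touching user tables."""
    return conn.execute("SELECT type, name, sql FROM sqlite_master").fetchall()

def audit_schema(rows, expected_tables):
    """Flag expected tables that are not real tables, and risky calls in DDL text."""
    findings = []
    for obj_type, name, sql in rows:
        if name in expected_tables and obj_type != "table":
            findings.append((name, f"expected a table, found a {obj_type}"))
        for func in RISKY_FUNCS:
            # sql is NULL for automatic indexes, hence the `or ""`.
            if re.search(rf"\b{func}\s*\(", sql or "", re.IGNORECASE):
                findings.append((name, f"schema text calls {func}()"))
    return findings

def make_db(ddl):
    """Build a constructed in-memory database from DDL (sample data only)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(ddl)
    return conn

# Constructed samples: the application expects a real table named "contacts".
CLEAN = make_db("CREATE TABLE contacts(name TEXT, phone TEXT);")
TAMPERED = make_db(
    "CREATE TABLE t_real(name TEXT, phone TEXT);"
    "CREATE VIEW contacts AS SELECT name, phone FROM t_real;"
)
# Constructed schema row, audited as text only (never executed).
SUSPECT_ROWS = [("view", "v", "CREATE VIEW v AS SELECT fts3_tokenizer('simple')")]

if __name__ == "__main__":
    for label, rows in (("clean", read_schema(CLEAN)),
                        ("tampered", read_schema(TAMPERED)),
                        ("suspect", SUSPECT_ROWS)):
        print(label, audit_schema(rows, {"contacts"}))
```

An application would run audit_schema on every database file it receives from outside and refuse to query the file when the list of findings is not empty.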

To carry out an attack under conditions where a SELECT operation can be executed, the Query Oriented Programming technique was proposed; it makes it possible to exploit problems in SQLite that lead to memory corruption.

The technique is reminiscent of Return Oriented Programming (ROP), but instead of existing fragments of machine code it uses a set of subqueries inserted inside SELECT to build the chain of calls ("gadgets").

Source: https://threatpost.com/

