Georgia Kouveli issues

Results 6 issues of


                                            Georgia Kouveli

Consider using archive links instead of direct links for references

We should consider using the Wayback Machine (https://web.archive.org/) so that the links we add remain accessible in the future.

Make HTML version of book mobile device friendly.

The HTML version of the book here: https://llsoftsec.github.io/llsoftsecbook/ should be made easier to read on mobile devices.

ModelCacheMixin does not handle extra_constraints correctly for min

### Description Calling `min` with non-empty extra constraints results in an incorrect value, because the expression is found in `_min_exhausted` and cached results are incorrectly used to calculate the minimum....

bug

Add a section to chapter 2 on system call interposition, ASLR and related mitigations

On #164, @lucic71 [mentioned](https://github.com/llsoftsec/llsoftsecbook/issues/164#issuecomment-1546993829) [pinsyscall(2)](https://undeadly.org/cgi?action=article;sid=20230222064027) from OpenBSD as an additional mitigation against code reuse attacks. It'd be worthwhile to add a section describing mitigations beyond CFI that aren't just compiler-based,...

Write section on undefined behaviour and the intersection of optimisation and security

We haven't so far discussed undefined behaviour in the book, how compilers use it for optimisation, and how that can lead to security issues. It would also be interesting to...

content

Write a section/appendix with more information on exploitation

There is a TODO in the "exploitation primitives" section that reads: > The references in this section describe complicated modern exploits. Consider linking to simpler exploits, > as well as...

good first issue

content