1

I attempted to compile the POC for Dirty COW on OSX (Disclaimer: not a C programmer). Here is the error:

dirtycow.c: In function ‘procselfmemThread’:
dirtycow.c:64:5: warning: implicit declaration of function ‘lseek’ [-Wimplicit-function-declaration]
     lseek(f,map,SEEK_SET);
     ^~~~~
dirtycow.c:65:8: warning: implicit declaration of function ‘write’ [-Wimplicit-function-declaration]
     c+=write(f,str,strlen(str));
        ^~~~~
dirtycow.c: In function ‘main’:
dirtycow.c:82:3: warning: implicit declaration of function ‘fstat’ [-Wimplicit-function-declaration]
   fstat(f,&st);
   ^~~~~
dirtycow.c:95:3: error: invalid use of undefined type ‘struct stat’
   map=mmap(NULL,st.st_size,PROT_READ,MAP_PRIVATE,f,0);
   ^~~
dirtycow.c: At top level:
dirtycow.c:27:13: error: storage size of ‘st’ isn’t known
 struct stat st;

So the question is, do I have the syntax wrong for C on OSX, or is OSX just not vulnerable to this exploit?

Anders
  • 64,406
  • 24
  • 178
  • 215
HashHazard
  • 5,105
  • 1
  • 17
  • 29
  • These do not indicate anything about vulnerability - these are library differences, it looks like. Off topic here - try StackOverflow. – crovers Oct 21 '16 at 14:18
  • 3
    DirtyCow is, however, a linux kernel vulnerability - an error in implementation. MacOS X is BSD based - completely different code base. While in principle there could be a similar vulnerability, it is very unlikely that a Linux based exploit for a Linux based vulnerability would operate on MacOS. – crovers Oct 21 '16 at 14:20
  • @crovers To me your second comment sounds like a good ontopic answer to the question! :-) – Anders Oct 21 '16 at 15:07

1 Answers1

8

DirtyCow is a linux kernel vulnerability - an error in implementation. MacOS X is BSD based - completely different code base. While in principle there could be a similar vulnerability, it is very unlikely that a Linux based exploit for a Linux based vulnerability would operate on MacOS.

crovers
  • 6,311
  • 1
  • 19
  • 29