Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions
This post breaks the two-year silence of this blog, showcasing a selection of memory corruption vulnerabilities in Bitdefender's anti-virus engine.
The goal of binary packing is to compress or obfuscate a binary, usually to save space/bandwidth or to evade malware analysis. A packed binary typically contains a compressed/obfuscated data payload. When the binary is executed, a loader decompresses this payload and then jumps to the actual entry point of the (inner) binary.
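The loader step described above, as an added example that is not code from this post, from UPX, or from Bitdefender. An anti-virus engine has to perform the same decompression on untrusted files, so every size and offset read from the packed file must be checked before it is used. The format here is a constructed toy (run-length pairs behind a four-byte header), all names are hypothetical, and the function returns the entry offset instead of jumping to it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy format (not UPX): u16le unpacked size, u16le entry offset,
 * then (count, value) run-length pairs. All fields are untrusted input. */
enum { TOY_OK = 0, TOY_TRUNCATED = -1, TOY_TOO_BIG = -2,
       TOY_OVERRUN = -3, TOY_SHORT = -4, TOY_BAD_ENTRY = -5 };

int toy_unpack(const uint8_t *in, size_t in_len,
               uint8_t *out, size_t out_cap, size_t *entry)
{
    if (in_len < 4)
        return TOY_TRUNCATED;                 /* header incomplete */
    size_t unpacked = (size_t)in[0] | ((size_t)in[1] << 8);
    size_t ep       = (size_t)in[2] | ((size_t)in[3] << 8);
    if (unpacked > out_cap)
        return TOY_TOO_BIG;                   /* declared size exceeds buffer */
    if (ep >= unpacked)
        return TOY_BAD_ENTRY;                 /* entry point outside the image */

    size_t produced = 0;
    for (size_t i = 4; i < in_len; i += 2) {
        if (in_len - i < 2)
            return TOY_TRUNCATED;             /* run-length pair cut off */
        size_t count = in[i];
        if (count > unpacked - produced)
            return TOY_OVERRUN;               /* run would write past the image */
        memset(out + produced, in[i + 1], count);
        produced += count;
    }
    if (produced != unpacked)
        return TOY_SHORT;                     /* payload ended before the image was full */
    *entry = ep;
    return TOY_OK;
}

int main(void)
{
    /* Constructed sample: header declares 4 bytes, runs expand to 5. */
    const uint8_t bad[] = { 4, 0, 0, 0, 3, 'A', 2, 'B' };
    uint8_t image[8];
    size_t entry = 0;
    int rc = toy_unpack(bad, sizeof bad, image, sizeof image, &entry);
    printf("malformed sample: rc=%d (TOY_OVERRUN=%d)\n", rc, TOY_OVERRUN);
    return rc == TOY_OVERRUN ? 0 : 1;
}
```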