bf: fix crash when unbalanced loop and no aes (radareorg#9495)
kazarmy authored and radare committed Feb 24, 2018
1 parent 30278ae commit bcb7dcf
Showing 3 changed files with 6 additions and 5 deletions.
4 changes: 2 additions & 2 deletions libr/anal/p/anal_bf.c
Expand Up @@ -63,8 +63,8 @@ static int bf_op(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *buf, int len) {
op->type = R_ANAL_OP_TYPE_ILL;
goto beach;
}
if (i == len - 1 && anal->esil->cb.resize_read_buf) {
const ut8 *new_buf = anal->esil->cb.resize_read_buf (anal, len + 1 + BUFSIZE_INC);
if (i == len - 1 && anal->cb.resize_read_buf) {
const ut8 *new_buf = anal->cb.resize_read_buf (anal, len + 1 + BUFSIZE_INC);
if (new_buf) {
free ((ut8 *)buf);
buf = new_buf;
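Review bot: The new condition `if (i == len - 1 && anal->cb.resize_read_buf)` makes the resize path reachable whenever the callback is set on the RAnal, no longer only while an ESIL session exists, and the lines right after it `free ((ut8 *)buf)` — a `const ut8 *` parameter bf_op did not allocate — before swapping in the callback's buffer. Unless every caller that reaches this point passes heap memory it has handed over, that free is invalid and the caller's own pointer dangles once bf_op returns; the crash fix itself is fine, but it widens where this can happen. A comment above the check stating the intended contract would help, e.g. `/* resize_read_buf hands back a fresh heap buffer and bf_op takes over the one it was given; callers must pass heap memory they no longer use */`, or, if the path is only meant for ESIL stepping, a guard `if (i == len - 1 && anal->esil && anal->cb.resize_read_buf)` keeps the previous scope without the NULL dereference. bf_op starts and ends outside this hunk.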
5 changes: 3 additions & 2 deletions libr/core/cmd_anal.c
Expand Up @@ -3097,7 +3097,8 @@ static ut64 initializeEsil(RCore *core) {
return addr;
}

static const ut8 *resize_read_buf(RAnal *anal, int new_len) {
static const ut8 *resize_read_buf(void *anal_, int new_len) {
RAnal *anal = anal_;
RCore *core = anal->user;
ut8 *buf = calloc (new_len, 1);
if (!buf) {
Expand Down Expand Up @@ -3130,7 +3131,7 @@ R_API int r_core_esil_step(RCore *core, ut64 until_addr, const char *until_expr,
return 0;
}
r_anal_esil_setup (esil, core->anal, romem, stats, noNULL); // setup io
esil->cb.resize_read_buf = resize_read_buf;
core->anal->cb.resize_read_buf = resize_read_buf;
core->anal->esil = esil;
esil->verbose = verbose;
{
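Review bot: `core->anal->cb.resize_read_buf = resize_read_buf;` installs the callback on the long-lived RAnal, but nothing in this section clears it, whereas the replaced `esil->cb` field went away with the ESIL instance; after one ESIL step every later bf_op on this core, including plain analysis with no ESIL session, will find the callback set. Resetting it to NULL where the ESIL instance is torn down would keep the old scope. In resize_read_buf, `RCore *core = anal->user;` now goes through an unchecked `void *`, and `calloc (new_len, 1)` takes an `int` that becomes a huge size_t when negative; a guard such as `if (!anal_ || new_len <= 0) { return NULL; }` before the calloc makes both explicit, and the bf_op side already treats a NULL return as "keep the old buffer". Both resize_read_buf and r_core_esil_step continue outside this hunk.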
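--- a/libr/include/r_anal.h
+++ b/libr/include/r_anal.h
@@ -578,6 +578,7 @@ typedef struct r_anal_callbacks_t {
 int (*on_fcn_delete) (RANAL , void *user, RAnalFunction *fcn);
 int (*on_fcn_rename) (RANAL, void *user, RAnalFunction *fcn, const char *oldname);
 int (*on_fcn_bb_new) (RANAL, void *user, RAnalFunction *fcn, RANAL_BLOCK bb);
+const ut8 *(*resize_read_buf)(RANAL, int new_len);
 } RAnalCallbacks;
 
 #define R_ANAL_ESIL_GOTO_LIMIT 4096
@@ -1025,7 +1026,6 @@ typedef struct r_anal_esil_callbacks_t {
 int (*reg_read)(ESIL *esil, const char *name, ut64 *res, int *size);
 RAnalEsilHookRegWriteCB hook_reg_write;
 int (*reg_write)(ESIL *esil, const char *name, ut64 val);
-const ut8 *(*resize_read_buf)(RAnal *anal, int new_len);
 } RAnalEsilCallbacks;
 
 typedef struct r_anal_esil_t {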
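Review bot: The new `resize_read_buf` member of RAnalCallbacks carries no comment on ownership, although its user in anal_bf.c frees the buffer it replaces and keeps the returned one, and the `const ut8 *` return type is what forces that user to cast const away before `free`. A one-line comment would settle the contract, e.g. `/* allocate a fresh buffer of new_len bytes for the op decoder; the caller takes ownership and frees it */`, and returning `ut8 *` would drop the cast. Declaring the first parameter as `RANAL` here while the cmd_anal.c implementation takes `void *anal_` presumably relies on how RANAL is defined at this point of the header; a note on that would spare the next reader a search. The typedef the first hunk belongs to starts before this section.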
