Fix rw->ext read failure

philipphofmann · Aug 26, 2020 · 70c788d · 70c788d
1 parent d8845bd
commit 70c788d
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/Source/KSCrash/Recording/Tools/KSObjC.c b/Source/KSCrash/Recording/Tools/KSObjC.c
@@ -540,6 +540,20 @@ static bool isValidIvarType(const char* const type)
     return false;
 }
 
+static bool containsValidExtData(class_rw_t *rw)
+{
+    uintptr_t ext_ptr = rw->ro_or_rw_ext;
+    if (ext_ptr & 0x1UL) {
+        ext_ptr &= ~0x1UL;
+        struct class_rw_ext_t *rw_ext = (struct class_rw_ext_t *)ext_ptr;
+        if (!ksmem_isMemoryReadable(rw_ext, sizeof(*rw_ext))) {
+            return false;
+        }
+    }
+
+    return true;
+}
+
 static bool containsValidROData(const void* const classPtr)
 {
     const struct class_t* const class = classPtr;
@@ -552,6 +566,11 @@ static bool containsValidROData(const void* const classPtr)
     {
         return false;
     }
+
+    if (!containsValidExtData(rw)) {
+        return false;
+    }
+
     const class_ro_t* ro = getClassRO(class);
     if(!ksmem_isMemoryReadable(ro, sizeof(*ro)))
     {
@@ -560,6 +579,7 @@ static bool containsValidROData(const void* const classPtr)
     return true;
 }
 
+
 static bool containsValidIvarData(const void* const classPtr)
 {
     const struct class_ro_t* ro = getClassRO(classPtr);