Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-02-13 02:21:34 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Fix asan-fuzz tests (fixes recent uaf and ub around)

Browse Source
This commit is contained in:
pancake 2021-04-25 01:35:53 +02:00
parent 0ab7d91471
commit 04cf5922b9
2 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libr/core/cmd_anal.c
View File

@ -895,9 +895,7 @@ static void __add_vars_sdb(RCore *core, RAnalFunction *fcn) {
char *type = db_type && strstr (var->type, "arg_")? db_type: var->type;
char *v = r_str_newf ("%s,%s", type, var->name);
sdb_set (core->anal->sdb_types, k, v, 0);
free (k);
free (v);
arg_count++;
} else {
char *name = db_name ? db_name: var->name;
char *type = db_type? db_type: strdup (var->type);
@ -916,28 +914,26 @@ static void __add_vars_sdb(RCore *core, RAnalFunction *fcn) {
char *v = comma? strdup (o): r_str_newf ("%s,%s", type, name);
/// eprintf("arg (%s) %s -- %s%c", k, v, var->name, 10);
char *s = strdup (name);
free (var->name);
if (o) {
char *ov = v;
char *v2 = r_str_newf ("%s,%s", var->type, name);
if (!strstr (var->name, ",arg_")) {
v = v2;
free (var->name);
var->name = s;
}
} else free (s);
// sdb_set (core->anal->sdb_types, k, v, 0);
free (v2);
v = ov;
} else {
free (var->name);
var->name = s;
sdb_set (core->anal->sdb_types, k, v, 0);
}
free (k);
free (v);
arg_count++;
// #endif
}
free (db_name);
free (db_type);
free (k);
arg_count++;
}
}
// sdb_num_set (core->anal->sdb_types, args, (int)arg_count, 0);

2
libr/util/str_trim.c
View File

@ -158,7 +158,7 @@ R_API void r_str_trim_args(char *str) {
break;
}
len -= i;
memmove (ch, ch + 1, len);
r_str_ncpy (ch, ch + 1, len);
ws = ch + 1;
} else {
ws = (char *)r_str_trim_head_wp (ch);