Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2024-12-12 15:38:09 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Fix UAF in cb_asmarch

Browse Source
This commit is contained in:
Álvaro Felipe Melchor 2017-01-25 23:20:20 +01:00
parent f36cfc2614
commit 088c13ddad
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libr/asm/asm.c
View File

@ -303,7 +303,9 @@ static int has_bits(RAsmPlugin *h, int bits) {
}
R_API void r_asm_set_cpu(RAsm *a, const char *cpu) {
free (a->cpu);
if (a) {
free (a->cpu);
}
a->cpu = cpu? strdup (cpu): NULL;
}

5
libr/core/cconfig.c
View File

@ -268,7 +268,9 @@ static int cb_asmarch(void *user, void *data) {
eprintf ("asm.arch: cannot find (%s)\n", node->value);
return false;
}
const char *asm_cpu = r_config_get (core->config, "asm.cpu");
//we should strdup here otherwise will crash if any r_config_set
//free the old value
char *asm_cpu = strdup (r_config_get (core->config, "asm.cpu"));
if (core->assembler->cur) {
const char *newAsmCPU = core->assembler->cur->cpus;
if (newAsmCPU) {
@ -351,6 +353,7 @@ static int cb_asmarch(void *user, void *data) {
core->print->big_endian = bigbin;
}
r_asm_set_cpu (core->assembler, asm_cpu);
free (asm_cpu);
/* reload types and cc info */
r_core_anal_type_init (core);
r_core_anal_cc_init (core);