diff --git a/libr/anal/op.c b/libr/anal/op.c index 230d472fdc..611a690486 100644 --- a/libr/anal/op.c +++ b/libr/anal/op.c @@ -38,10 +38,15 @@ R_API bool r_anal_op_fini(RAnalOp *op) { return false; } r_anal_var_free (op->var); + op->var = NULL; r_anal_value_free (op->src[0]); r_anal_value_free (op->src[1]); r_anal_value_free (op->src[2]); + op->src[0] = NULL; + op->src[1] = NULL; + op->src[2] = NULL; r_anal_value_free (op->dst); + op->dst = NULL; r_strbuf_fini (&op->esil); r_anal_switch_op_free (op->switch_op); R_FREE (op->mnemonic); diff --git a/libr/asm/p/asm_x86_olly.c b/libr/asm/p/asm_x86_olly.c index 4e445af78f..79ee7604d4 100644 --- a/libr/asm/p/asm_x86_olly.c +++ b/libr/asm/p/asm_x86_olly.c @@ -33,9 +33,9 @@ static int assemble(RAsm *a, RAsmOp *op, const char *buf) { } } } - op->size = R_MAX (0, Assemble((char*)buf, a->pc, &asm_obj, oattempt, oconstsize, buf_err)); + op->size = R_MAX (0, Assemble ((char*)buf, a->pc, &asm_obj, oattempt, oconstsize, buf_err)); if (op->size > 0) { - memcpy (op->buf, asm_obj.code, R_MIN(op->size, sizeof (op->buf))); + memcpy (op->buf, asm_obj.code, R_MIN (R_MIN (16, op->size), sizeof (op->buf))); } return op->size; } diff --git a/libr/core/core.c b/libr/core/core.c index 8fe6269de0..a627d693a1 100644 --- a/libr/core/core.c +++ b/libr/core/core.c @@ -846,19 +846,22 @@ openfile: const char *msg = line->buffer.data + 3; RFlag *flag = core->flags; int j, i = 0; - for (j=0; jspaces[j] && flag->spaces[j][0]) { if (i == TMP_ARGV_SZ - 1) { break; } if (!strncmp (msg, flag->spaces[j], strlen (msg))) { - tmp_argv[i++] = flag->spaces[j]; + if (i + 1 < TMP_ARGV_SZ) { + tmp_argv[i++] = flag->spaces[j]; + } } } } - if (flag->spaces[j] && !strncmp (msg, flag->spaces[j], - strlen (msg))) { - tmp_argv[i++] = "*"; + if (flag->spaces[j] && !strncmp (msg, flag->spaces[j], strlen (msg))) { + if (i + 1 < TMP_ARGV_SZ) { + tmp_argv[i++] = "*"; + } } tmp_argv[i] = NULL; line->completion.argc = i; 
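Review bot: `op->switch_op` is still left dangling after `r_anal_switch_op_free (op->switch_op);` even though every other freed member in this hunk is now reset — `op->var`, `op->src[0..2]` and `op->dst` explicitly, `op->mnemonic` through `R_FREE` — so a second `r_anal_op_fini` on the same struct, or a later free of it, would double-free the switch table. Add `op->switch_op = NULL;` directly after that call so the whole struct is consistently reusable. `r_anal_op_fini` continues past the end of the hunk; any members released there deserve the same reset.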
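Review bot: The literal `16` in `R_MIN (R_MIN (16, op->size), sizeof (op->buf))` is an unexplained magic number; presumably it is the capacity of `asm_obj.code`, which the hunk does not show, in which case `sizeof (asm_obj.code)` (if it is an array) or the named constant should be used so the bound cannot drift from the struct. Note also that `op->size` is returned unclamped, so if `Assemble` ever reports more bytes than were copied, callers see a size larger than what was written to `op->buf`; on x86 that should not happen in practice, but the contract is then implicit. If it matters, clamp once and store it: `int n = R_MIN (op->size, R_MIN (16, sizeof (op->buf))); memcpy (op->buf, asm_obj.code, n); op->size = n;`. `assemble` starts outside the hunk.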
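Review bot: The post-loop `if (flag->spaces[j] && !strncmp (msg, flag->spaces[j], strlen (msg)))` indexes `spaces` with whatever value the loop left in `j`; when the loop runs to completion that is one past the last index it scanned, and whether that slot is readable depends on how `spaces` is sized, which the hunk does not show (its loop header is also garbled in this copy of the diff). The new `i + 1 < TMP_ARGV_SZ` guards do bound the `tmp_argv` writes correctly, including the final `tmp_argv[i] = NULL`. If `spaces` has no sentinel past its count, guard this access with the same bound the loop uses before indexing, or record the match inside the loop instead of re-indexing after it. The enclosing completion code starts before the hunk.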
diff --git a/libr/io/buffer.c b/libr/io/buffer.c index 75a721cc48..1f8ee28cb5 100644 --- a/libr/io/buffer.c +++ b/libr/io/buffer.c @@ -1,4 +1,4 @@ -/* radare - LGPL - Copyright 2013 - pancake */ +/* radare - LGPL - Copyright 2013-2016 - pancake */ #include "r_io.h" @@ -11,14 +11,18 @@ R_API int r_io_buffer_load(RIO* io, ut64 addr, int len) { ut64 at; int i, r; ut8 buf[512]; - if (len<1) return false; + if (len < 1) { + return false; + } io->buffer_enabled = 0; - for (i=0; ibuffer, at, buf, sizeof (buf)); } io->buffer_enabled = 1; @@ -35,19 +39,32 @@ R_API int r_io_buffer_read (RIO *io, ut64 addr, ut8* buf, int len) { // align addr if out of buffer if its mapped on io // ret = r_cache_get (io->buffer, addr, &l); if (!ret) { - if (l<1) return 0; // no next block in buffer cache - if (l>len) return 0; // next block too far + if (l < 1) { + return 0; // no next block in buffer cache + } + if (l > len) { + return 0; // next block too far + } next = l; - ret = r_cache_get (io->buffer, addr+next+1, &l); - if (!ret) return 0; - if (llen) l = len; + ret = r_cache_get (io->buffer, addr + next + 1, &l); + if (!ret) { + return 0; + } + if (l < len) { + memset (buf + l, 0xff, len - l); + } + if (l > len) { + l = len; + } memset (buf, 0xff, next); - memcpy (buf+next, ret, (len-next)); + memcpy (buf + next, ret, len - next); return len; } - if (l>len) l = len; - else if (l len) { + l = len; + } else if (l < len) { + memset (buf + l, 0xff, len - l); + } memcpy (buf, ret, l); return l; } diff --git a/libr/io/map.c b/libr/io/map.c index ae33cd385a..8cb049fb07 100644 --- a/libr/io/map.c +++ b/libr/io/map.c 
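Review bot: In the two-block path of `r_io_buffer_read`, `memcpy (buf + next, ret, len - next)` copies `len - next` bytes from the second cached block regardless of `l`, the length `r_cache_get` reported for it — the single-block path below clamps `l` to `len` before copying, which shows `l` is the block's available length, yet here it is only used for the `memset (buf + l, 0xff, len - l)` padding that the memcpy then overwrites anyway. If the second block holds fewer than `len - next` bytes this reads past the cached data. Bound the copy by the block length and fill the rest with 0xff, as below; the `addr + next + 1` lookup (rather than `addr + next`) also looks off by one, but I cannot confirm that without `r_cache_get`'s contract. The function's opening, including the first `r_cache_get`, is outside the hunk.
```c
		next = l;
		ret = r_cache_get (io->buffer, addr + next + 1, &l);
		if (!ret || l < 1) {
			return 0;
		}
		/* copy no more than the second block actually holds; pad the rest */
		int avail = R_MIN (l, len - next);
		memset (buf, 0xff, next);
		memcpy (buf + next, ret, avail);
		if (avail < len - next) {
			memset (buf + next + avail, 0xff, len - next - avail);
		}
		return len;
```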
@@ -128,8 +128,9 @@ static RList *r_io_map_get_maps_in_range_prepend(RIO *io, ut64 addr, ut64 endadd
 R_API RIOMap *r_io_map_resolve_in_range (RIO *io, ut64 addr, ut64 endaddr, int fd) {
 RList *maps;
 RIOMap *map;
- if (!io || !io->maps)
+ if (!io || !io->maps) {
 return NULL;
+ }
 maps = r_io_map_get_maps_in_range_prepend (io, addr, endaddr);
 map = r_io_map_resolve_from_list (maps, fd);
 r_list_free (maps);
@@ -279,17 +280,19 @@ R_API ut64 r_io_map_select(RIO *io, ut64 off) {
 }
 if (done == 0) {
 r_io_use_fd (io, fd);
- r_io_seek (io, -1, R_IO_SEEK_SET);
+ (void)r_io_seek (io, -1, R_IO_SEEK_SET);
 return paddr;
 }
 if (fd == -1) {
- r_io_seek (io, off, R_IO_SEEK_SET);
+ (void)r_io_seek (io, off, R_IO_SEEK_SET);
 return off;
 }
 r_io_use_fd (io, fd);
- if (io->debug) /* HACK */
- r_io_seek (io, off, R_IO_SEEK_SET);
- else r_io_seek (io, paddr, R_IO_SEEK_SET);
+ if (io->debug) {/* HACK */
+ (void)r_io_seek (io, off, R_IO_SEEK_SET);
+ } else {
+ r_io_seek (io, paddr, R_IO_SEEK_SET);
+ }
 r_io_use_fd (io, fd);
 return paddr;
 }
diff --git a/libr/util/print.c b/libr/util/print.c
index be7ad1987e..4ccec30c8a 100644
--- a/libr/util/print.c
+++ b/libr/util/print.c
@@ -1351,7 +1351,7 @@ R_API char * r_print_colorize_opcode (char *p, const char *reg, const char *num)
 #define STRIP_ANSI 1
 #if STRIP_ANSI
 /* skip until 'm' */
- for (++i;p[i] && p[i] != 'm'; i++) {
+ for (++i; p[i] && p[i] != 'm'; i++) {
 o[j] = p[i];
 }
 continue;
@@ -1378,8 +1378,14 @@ R_API char * r_print_colorize_opcode (char *p, const char *reg, const char *num)
 if (p[i + 1] == ' ' && p[i + 2] == 'L') {
 strcpy (o + j, num);
 j += strlen (num);
- strcpy (o + j , p + i);
- return strdup (o);
+ if (j + p + i <= o + sizeof (o)) {
+ int len = strlen (p + i);
+ len = R_MIN (len, sizeof (o));
+ strncpy (o + j , p + i, len);
+ o[len] = 0;
+ return strdup (o);
+ }
+ return o;
 }
 if (is_float) {
 /* do nothing, keep going until next */
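Review bot: The `(void)` cast that discards `r_io_seek`'s result is applied to three of the four calls but not to the `else` branch `r_io_seek (io, paddr, R_IO_SEEK_SET);`, so the hunk is inconsistent with itself — either all four seeks are deliberately unchecked or the result matters somewhere; pick one. If it is the former, `(void)r_io_seek (io, paddr, R_IO_SEEK_SET);` keeps the style uniform, and the `{/* HACK */` comment should get a space and say what the hack is, e.g. `/* HACK: in debug mode seek by the virtual offset instead of paddr — TODO document why */`. `r_io_map_select` starts outside the hunk.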
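Review bot: The new guard `if (j + p + i <= o + sizeof (o))` compares a pointer into `p` with a pointer into `o`, two unrelated objects, so it bounds nothing; the clamp `len = R_MIN (len, sizeof (o))` ignores the `j` bytes already in `o`, so `strncpy (o + j, p + i, len)` can still run up to `j` bytes past the buffer; `o[len] = 0` terminates at index `len` instead of `j + len`, cutting off the `num` and colour prefix just written; and `return o;` hands back the buffer itself where every other exit in this function returns `strdup (o)`, so if `o` is the local array its `sizeof` suggests, the caller gets a dangling pointer and will free a stack address. The unchecked `strcpy (o + j, num)` two lines above has the same overflow exposure. The rewrite below checks the remaining space once, mirroring the `"buffer overflow!"` path this function already uses elsewhere, and always returns a heap copy. `r_print_colorize_opcode` starts and ends outside the hunk.
```c
		if (p[i + 1] == ' ' && p[i + 2] == 'L') {
			size_t numlen = strlen (num);
			size_t taillen = strlen (p + i);
			/* num + remaining input must fit in o with room for the NUL */
			if ((size_t)j + numlen + taillen >= sizeof (o)) {
				eprintf ("r_print_colorize_opcode(): buffer overflow!\n");
				return strdup (p);
			}
			memcpy (o + j, num, numlen);
			j += numlen;
			memcpy (o + j, p + i, taillen);
			o[j + taillen] = 0;
			return strdup (o);
		}
```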
@@ -1390,7 +1396,7 @@ R_API char * r_print_colorize_opcode (char *p, const char *reg, const char *num)
 eprintf ("r_print_colorize_opcode(): buffer overflow!\n");
 return strdup (p);
 }
- strcpy (o+j, Color_RESET);
+ strcpy (o + j, Color_RESET);
 j += strlen (Color_RESET);
 o[j++] = p[i];
 if (p[i] == '$' || ((p[i] > '0') && (p[i] < '9'))) {
@@ -1421,7 +1427,7 @@ R_API char * r_print_colorize_opcode (char *p, const char *reg, const char *num)
 // find if next ',' before ' ' is found
 is_mod = 0;
 is_float = 0;
- for (k = i+1; p[k]; k++) {
+ for (k = i + 1; p[k]; k++) {
 if (p[k] == 'e' && p[k + 1] == '+') {
 is_float = 1;
 break;
@@ -1476,7 +1482,7 @@ R_API char * r_print_colorize_opcode (char *p, const char *reg, const char *num)
 opcode_sz += 21;
 /* free (t_o); */
 }
- strcpy (o+j, Color_RESET);
+ strcpy (o + j, Color_RESET);
 //strcpy (p, o); // may overflow .. but shouldnt because asm.buf_asm is big enought
 return strdup (o);
 }
@@ -1489,7 +1495,9 @@ R_API void r_print_init_rowoffsets (RPrint *p) {
 // set the offset, from the start of the printing, of the i-th row
 R_API void r_print_set_rowoff (RPrint *p, int i, ut32 offset) {
- if (i < 0) return;
+ if (i < 0) {
+ return;
+ }
 if (!p->row_offsets || !p->row_offsets_sz) {
 p->row_offsets_sz = R_MAX(i + 1, DFLT_ROWS);
 p->row_offsets = R_NEWS (ut32, p->row_offsets_sz);
@@ -1498,8 +1506,9 @@ R_API void r_print_set_rowoff (RPrint *p, int i, ut32 offset) {
 size_t new_size;
 p->row_offsets_sz *= 2; //XXX dangerous
- while (i >= p->row_offsets_sz)
+ while (i >= p->row_offsets_sz) {
 p->row_offsets_sz *= 2;
+ }
 new_size = sizeof (ut32) * p->row_offsets_sz;
 p->row_offsets = realloc (p->row_offsets, new_size);
 }
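Review bot: `p->row_offsets = R_NEWS (ut32, p->row_offsets_sz);` is never checked for NULL; the hunk ends right after it and `r_print_set_rowoff` continues outside it, presumably storing `p->row_offsets[i] = offset` on this path, which on allocation failure is a NULL write, and it leaves `row_offsets_sz` non-zero while `row_offsets` is NULL, which then misleads the size-only bounds check in the sibling `r_print_rowoff`. Add `if (!p->row_offsets) { p->row_offsets_sz = 0; return; }` after the allocation. `p` itself is also dereferenced without a check, unlike the `i < 0` guard just added.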
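Review bot: `p->row_offsets = realloc (p->row_offsets, new_size);` overwrites the only pointer to the old array: when realloc fails the old buffer leaks, `row_offsets_sz` has already been doubled, and the store into `p->row_offsets` that follows outside the hunk dereferences NULL. Grow into a local size and a temporary pointer, and only commit both once realloc succeeds, as below. The `//XXX dangerous` doubling loop also has no upper bound, so a large `i` overflows `row_offsets_sz` if it is an `int`; its declaration is not in the hunk. The rest of `r_print_set_rowoff` is outside the hunk.
```c
		size_t new_size;
		int new_sz = p->row_offsets_sz * 2; //XXX dangerous
		while (i >= new_sz) {
			new_sz *= 2;
		}
		new_size = sizeof (ut32) * new_sz;
		ut32 *tmp = realloc (p->row_offsets, new_size);
		if (!tmp) {
			return; /* keep the old buffer and size intact */
		}
		p->row_offsets = tmp;
		p->row_offsets_sz = new_sz;
```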
@@ -1509,7 +1518,9 @@ R_API void r_print_set_rowoff (RPrint *p, int i, ut32 offset) {
 // return the offset, from the start of the printing, of the i-th row.
 // if the line index is not valid, UT32_MAX is returned.
 R_API ut32 r_print_rowoff (RPrint *p, int i) {
- if (i < 0 || i >= p->row_offsets_sz) return UT32_MAX;
+ if (i < 0 || i >= p->row_offsets_sz) {
+ return UT32_MAX;
+ }
 return p->row_offsets[i];
 }
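Review bot: `r_print_rowoff` only checks `i` against `p->row_offsets_sz`, not whether `p->row_offsets` is non-NULL; the sibling `r_print_set_rowoff` above assigns the result of `R_NEWS`/`realloc` straight into `p->row_offsets` without checking it, so a size greater than zero with a NULL array is a reachable state and `return p->row_offsets[i];` then dereferences NULL. Fold the pointer (and `p`) into the guard: `if (!p || !p->row_offsets || i < 0 || i >= p->row_offsets_sz) { return UT32_MAX; }`. That matches the comment's promise that an invalid index yields `UT32_MAX`.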