Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-01-27 00:05:10 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Fix code injection vulns in new dmS

Browse Source
This commit is contained in:
pancake 2016-12-01 09:20:02 +01:00
parent 97b3b86bba
commit 5bb4568b55
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libr/core/cmd_debug.c
View File

@ -1115,11 +1115,18 @@ static int cmd_debug_map(RCore *core, const char *input) {
char *res;
const char *file = map->file? map->file: map->name;
char *name = r_str_escape ((char *)r_file_basename (file));
char *filesc = r_str_escape (file);
/* TODO: do not spawn. use RBin API */
if (sectname) {
res = r_sys_cmd_strf ("env RABIN2_PREFIX=\"%s\" rabin2 %s-B 0x%08"PFMT64x" -S %s | grep %s", name, mode, baddr, file, sectname);
char *sect = r_str_escape (sectname);
res = r_sys_cmd_strf ("env RABIN2_PREFIX=\"%s\" rabin2 %s-B 0x%08"
PFMT64x" -S \"%s\" | grep \"%s\"", name, mode, baddr, filesc, sect);
free (sect);
} else {
res = r_sys_cmd_strf ("env RABIN2_PREFIX=\"%s\" rabin2 %s-B 0x%08"PFMT64x" -S %s", name, mode, baddr, file);
res = r_sys_cmd_strf ("env RABIN2_PREFIX=\"%s\" rabin2 %s-B 0x%08"
PFMT64x" -S \"%s\"", name, mode, baddr, filesc);
}
free (filesc);
r_cons_println (res);
free(name);
free (res);