mirror of
https://github.com/radareorg/radare2.git
synced 2025-02-26 09:06:02 +00:00
Fix negative/huge mallocs in PE parser and fix invalid fd close
parent
3ff35276bb
commit
773b033620
@ -22,14 +22,14 @@ LIBS=$(LIBS0) $(LIBS1) $(LIBS2) $(LIBS3) $(LIBS4) $(LIBS5) $(LIBS6) $(LIBS7)
|
||||
.PHONY: $(LIBS)
|
||||
|
||||
all:
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS0)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS1)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS2)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS3)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS4)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS5)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS6)
|
||||
${MAKE} -j$(MAKE_JOBS) $(LIBS7)
|
||||
${MAKE} $(LIBS0)
|
||||
${MAKE} $(LIBS1)
|
||||
${MAKE} $(LIBS2)
|
||||
${MAKE} $(LIBS3)
|
||||
${MAKE} $(LIBS4)
|
||||
${MAKE} $(LIBS5)
|
||||
${MAKE} $(LIBS6)
|
||||
${MAKE} $(LIBS7)
|
||||
ifeq (${WITHNONPIC},1)
|
||||
${MAKE} libr.a
|
||||
endif
|
||||
@ -58,7 +58,7 @@ gnu_libr.a: $(shell ls */libr_*.a 2>/dev/null)
|
||||
|
||||
$(LIBS):
|
||||
@echo "DIR $@"
|
||||
@${MAKE} -j$(MAKE_JOBS) -C $@
|
||||
@${MAKE} -C $@
|
||||
|
||||
pkgcfg:
|
||||
@for lib in ${LIBS}; do ( cd $${lib} && ${MAKE} pkgcfg ); done
|
||||
|
@ -172,8 +172,10 @@ static struct r_bin_pe_export_t* parse_symbol_table(struct PE_(r_bin_pe_obj_t)*
|
||||
int textn = 0;
|
||||
int exports_sz;
|
||||
int symctr = 0;
|
||||
char *buf = malloc (bufsz);
|
||||
|
||||
char *buf;
|
||||
if (bufsz<1 || bufsz>bin->size)
|
||||
return 0;
|
||||
buf = malloc (bufsz);
|
||||
if (!buf)
|
||||
return 0;
|
||||
exports_sz = sizeof (struct r_bin_pe_export_t)*num;
|
||||
@ -670,6 +672,10 @@ struct r_bin_pe_lib_t* PE_(r_bin_pe_get_libs)(struct PE_(r_bin_pe_obj_t) *bin) {
|
||||
|
||||
/* NOTE: import_dirs and delay_import_dirs can be -1 */
|
||||
mallocsz = (import_dirs_count + delay_import_dirs_count + 3) * sizeof (struct r_bin_pe_lib_t);
|
||||
if (mallocsz>bin->size) {
|
||||
//eprintf ("pe: Invalid libsize\n");
|
||||
return NULL;
|
||||
}
|
||||
libs = malloc (mallocsz);
|
||||
if (!libs) {
|
||||
perror ("malloc (libs)");
|
||||
|
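Review bot: The new `if (mallocsz>bin->size)` test in the r_bin_pe_get_libs hunk runs after the multiplication and only bounds the product from above. The comment just above it says both counts can be -1, and unlike the `bufsz<1` test added in parse_symbol_table there is no lower bound. The declarations of `mallocsz` and `bin->size` are outside the hunk, so whether a negative or wrapped product can slip past the comparison depends on their signedness. I would bound the element count before multiplying, for example `if (import_dirs_count + delay_import_dirs_count + 3 > bin->size / sizeof (struct r_bin_pe_lib_t)) return NULL;`, and also reject a result below 1. The same concern applies to `exports_sz = sizeof (struct r_bin_pe_export_t)*num;` in the first hunk, where `exports_sz` is an `int` and `num` is not bounded in the visible lines; both function bodies continue outside their hunks.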
@ -479,8 +479,10 @@ static void update_sdb(RCore *core) {
|
||||
sdb_ns_set (DB, "anal", core->anal->sdb);
|
||||
//sdb_ns_set (core->sdb, "flags", core->flags->sdb);
|
||||
//sdb_ns_set (core->sdb, "bin", core->bin->sdb);
|
||||
if (core->assembler && core->assembler->syscall)
|
||||
if (core->assembler && core->assembler->syscall) {
|
||||
core->assembler->syscall->db->refs++;
|
||||
sdb_ns_set (DB, "syscall", core->assembler->syscall->db);
|
||||
}
|
||||
{
|
||||
Sdb *d = sdb_ns (DB, "debug");
|
||||
sdb_ns_set (d, "signals", core->dbg->sgnls);
|
||||
|
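Review bot: The added `core->assembler->syscall->db->refs++` dereferences `db` without a NULL test, since the guard above it only covers `assembler` and `syscall`. Extending the condition to `if (core->assembler && core->assembler->syscall && core->assembler->syscall->db) {` would close that gap. The increment also runs on every call of update_sdb and no matching release is visible in the hunk, so if the function can run more than once per core the count may never return to zero. A one-line comment such as `/* extra ref: DB namespace shares syscall->db, released when DB is freed */` (once confirmed) would document who owns the reference. update_sdb's body continues outside the hunk.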
10
libr/io/io.c
10
libr/io/io.c
@ -592,19 +592,19 @@ R_API int r_io_system(RIO *io, const char *cmd) {
|
||||
R_API int r_io_close(RIO *io, RIODesc *fd) {
|
||||
if (io == NULL || fd == NULL)
|
||||
return -1;
|
||||
int nfd = fd->fd;
|
||||
if (r_io_set_fd (io, fd)) {
|
||||
RIODesc *desc = r_io_desc_get (io, fd->fd);
|
||||
int nfd = fd->fd;
|
||||
RIODesc *desc = r_io_desc_get (io, nfd);
|
||||
if (desc) {
|
||||
r_io_map_del (io, fd->fd);
|
||||
r_io_plugin_close (io, fd->fd, io->plugin);
|
||||
r_io_map_del (io, nfd);
|
||||
r_io_plugin_close (io, nfd, io->plugin);
|
||||
if (io->plugin && io->plugin->close)
|
||||
return io->plugin->close (desc);
|
||||
r_io_desc_del (io, desc->fd);
|
||||
}
|
||||
}
|
||||
io->fd = NULL; // unset current fd
|
||||
return close (nfd);
|
||||
return R_FALSE;
|
||||
}
|
||||
|
||||
ut64 r_io_desc_seek (RIO *io, RIODesc *desc, ut64 offset, int whence) {
|
||||
|
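Review bot: In r_io_close the early `return io->plugin->close (desc);` leaves the function before `r_io_desc_del (io, desc->fd)` and `io->fd = NULL`, so after a plugin close `io->fd` still refers to the descriptor that was just closed and its table entry is kept. Whether the plugin's close frees `desc` is not visible here, but if it does, any later use of `io->fd` would touch freed memory. I would capture the result with `int ret = io->plugin->close (desc);`, fall through to `r_io_desc_del (io, nfd);` and the `io->fd = NULL` reset, and return `ret` at the end. The function now appears to return `R_FALSE` on the normal path and -1 on bad arguments, so a short comment stating the return convention would help callers that used to receive the result of close().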
@ -168,7 +168,6 @@ R_API RListIter *r_list_append(RList *list, void *data) {
|
||||
return new;
|
||||
}
|
||||
|
||||
|
||||
R_API RListIter *r_list_prepend(RList *list, void *data) {
|
||||
RListIter *new = R_NEW (RListIter);
|
||||
if (list->head)
|
||||
|