Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2024-11-28 07:30:33 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Fix #19377 - Heap overflow in of command without arguments

Browse Source
This commit is contained in:
Sergi Àlvarez i Capilla 2021-11-05 16:21:05 +01:00
parent b12bfc5cd8
commit 782e26c27e
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
libr/core/cmd_open.c
View File

@ -1731,19 +1731,23 @@ static int cmd_open(void *data, const char *input) {
return 0;
// XXX projects use the of command, but i think we should deprecate it... keeping it for now
case 'f': // "of"
ptr = r_str_trim_head_ro (input + 2);
argv = r_str_argv (ptr, &argc);
if (argc == 0 || input[1] == '?') {
r_core_cmd_help (core, help_msg_of);
if (input[1]) {
ptr = r_str_trim_head_ro (input + 2);
argv = r_str_argv (ptr, &argc);
if (argc == 0 || input[1] == '?') {
r_core_cmd_help (core, help_msg_of);
r_str_argv_free (argv);
return 0;
}
if (argc == 2) {
perms = r_str_rwx (argv[1]);
}
fd = r_io_fd_open (core->io, argv[0], perms, 0);
core->num->value = fd;
r_str_argv_free (argv);
return 0;
} else {
eprintf ("Usage: of [arg...]\n");
}
if (argc == 2) {
perms = r_str_rwx (argv[1]);
}
fd = r_io_fd_open (core->io, argv[0], perms, 0);
core->num->value = fd;
r_str_argv_free (argv);
return 0;
case 'p': // "op"
/* handle prioritize */