Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-02-10 16:23:08 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix #10604 - another oobread crash in the java parser

Browse Source
This commit is contained in:
pancake 2018-07-04 16:52:05 +02:00
parent 62cabc24fe
commit ad5699f63f
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
shlr/java/class.c
View File

@ -6245,10 +6245,10 @@ R_API RBinJavaElementValuePair *r_bin_java_element_pair_new(ut8 *buffer, ut64 sz
}
evp->value = r_bin_java_element_value_new (buffer + offset, sz - offset, buf_offset + offset);
offset += evp->value->size;
if (offset >= sz) {
eprintf("moskito\n");
return NULL;
}
if (offset >= sz) {
free (evp->value);
return NULL;
}
evp->size = offset;
return evp;
}
@ -7132,6 +7132,9 @@ R_API RBinJavaAttrInfo *r_bin_java_rti_annotations_attr_new(ut8 *buffer, ut64 sz
offset += 2;
attr->info.annotation_array.annotations = r_list_newf (r_bin_java_annotation_free);
for (i = 0; i < attr->info.rtv_annotations_attr.num_annotations; i++) {
if (offset >= sz) {
break;
}
RBinJavaAnnotation *annotation = r_bin_java_annotation_new (buffer + offset, sz - offset, buf_offset + offset);
if (annotation) {
offset += annotation->size;