Fix more crashes related to gdb and native mixtures

libr/bin/bin.c

@@ -1017,7 +1017,7 @@ R_API int r_bin_load_io_at_offset_as_sz(RBin *bin, int fd, ut64 baseaddr,
 	RBinFile *binfile = NULL;
 	int tfd = -1;
 
-	if (!io || (fd < 0)) {
+	if (!io || (fd < 0) || (st64)sz < 0) {
 		return false;
 	}
 	bool is_debugger = iob->fd_is_dbg (io, fd);
@@ -1046,7 +1046,7 @@ R_API int r_bin_load_io_at_offset_as_sz(RBin *bin, int fd, ut64 baseaddr,
 			if (tfd >= 0) {
 				buf_bytes = calloc (1, sz + 1);
 				iob->fd_read_at (io, tfd, 0, buf_bytes, sz);
-				iob->fd_close (io, tfd);
+				// iob->fd_close (io, tfd);
 			}
 		}
 	}
@@ -1080,7 +1080,7 @@ R_API int r_bin_load_io_at_offset_as_sz(RBin *bin, int fd, ut64 baseaddr,
 								(void) iob->fd_read_at (io, tfd, 0, buf_bytes, sz);
 							}
 						}
-						iob->fd_close (io, tfd);
+				//DOUBLECLOSE UAF : iob->fd_close (io, tfd);
 						tfd = -1;	// marking it closed
 					} else if (sz != file_sz) {
 						(void) iob->read_at (io, 0LL, buf_bytes, sz);

libr/io/p/io_gdb.c

@@ -13,6 +13,8 @@ typedef struct {
 	libgdbr_t desc;
 } RIOGdb;
 
+#define R_GDB_MAGIC r_str_hash ("gdb")
+
 static libgdbr_t *desc = NULL;
 static RIODesc *riogdb = NULL;
 
@@ -203,6 +205,18 @@ static int __close(RIODesc *fd) {
 
 static int __getpid(RIODesc *fd) {
 	return desc ? desc->pid : -1;
+	// dupe for ? r_io_desc_get_pid (desc);
+	if (!desc || !desc->data) {
+		return -1;
+	}
+	RIODescData *iodd = desc->data;
+	if (iodd) {
+		if (iodd->magic != R_GDB_MAGIC) {
+			return -1;
+		}
+		return iodd->pid;
+	}
+	return -1;
 }
 
 static int __gettid(RIODesc *fd) {