Fix few UB covs, more asserts

This commit is contained in:
pancake 2024-10-17 12:57:41 +02:00 committed by GitHub
parent 37b2d15c02
commit bc261f144c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 74 additions and 57 deletions

View File

@ -517,9 +517,21 @@ R_API void r2r_subprocess_fini(void) {
r_th_lock_free (subprocs_mutex);
}
static inline void dup_retry(int fds[2], int n, int b) {
while ((dup2 (fds[n], b) == -1) && (errno == EINTR)) {
;
}
close (fds[0]);
close (fds[1]);
}
R_API R2RSubprocess *r2r_subprocess_start(
const char *file, const char *args[], size_t args_size,
const char *envvars[], const char *envvals[], size_t env_size) {
int stdin_pipe[2] = { -1, -1 };
int stdout_pipe[2] = { -1, -1 };
int stderr_pipe[2] = { -1, -1 };
char **argv = calloc (args_size + 2, sizeof (char *));
if (!argv) {
return NULL;
@ -549,30 +561,27 @@ R_API R2RSubprocess *r2r_subprocess_start(
goto error;
}
int stdin_pipe[2] = { -1, -1 };
if (pipe (stdin_pipe) == -1) {
r_sys_perror ("subproc-start pipe");
goto error;
}
proc->stdin_fd = stdin_pipe[1];
int stdout_pipe[2] = { -1, -1 };
if (pipe (stdout_pipe) == -1) {
r_sys_perror ("subproc-start pipe");
goto error;
}
if (fcntl(stdout_pipe[0], F_SETFL, O_NONBLOCK) < 0) {
if (fcntl (stdout_pipe[0], F_SETFL, O_NONBLOCK) < 0) {
r_sys_perror ("subproc-start fcntl");
goto error;
}
proc->stdout_fd = stdout_pipe[0];
int stderr_pipe[2] = { -1, -1 };
if (pipe (stderr_pipe) == -1) {
r_sys_perror ("subproc-start pipe");
goto error;
}
if (fcntl(stderr_pipe[0], F_SETFL, O_NONBLOCK) < 0) {
if (fcntl (stderr_pipe[0], F_SETFL, O_NONBLOCK) < 0) {
r_sys_perror ("subproc-start fcntl");
goto error;
}
@ -588,17 +597,9 @@ R_API R2RSubprocess *r2r_subprocess_start(
return NULL;
}
if (proc->pid == 0) {
// child
while ((dup2 (stdin_pipe[0], STDIN_FILENO) == -1) && (errno == EINTR)) {}
close (stdin_pipe[0]);
close (stdin_pipe[1]);
while ((dup2 (stdout_pipe[1], STDOUT_FILENO) == -1) && (errno == EINTR)) {}
close (stdout_pipe[1]);
close (stdout_pipe[0]);
while ((dup2 (stderr_pipe[1], STDERR_FILENO) == -1) && (errno == EINTR)) {}
close (stderr_pipe[1]);
close (stderr_pipe[0]);
dup_retry (stdin_pipe, 0, STDIN_FILENO);
dup_retry (stdout_pipe, 1, STDOUT_FILENO);
dup_retry (stderr_pipe, 1, STDERR_FILENO);
size_t i;
for (i = 0; i < env_size; i++) {
setenv (envvars[i], envvals[i], 1);
@ -1177,7 +1178,7 @@ R_API R2RAsmTestOutput *r2r_run_asm_test(R2RRunConfig *config, R2RAsmTest *test)
if (!bytes) {
goto rip;
}
int byteslen = r_hex_str2bin (hex, bytes);
const int byteslen = r_hex_str2bin (hex, bytes);
if (byteslen <= 0) {
free (bytes);
goto rip;

View File

@ -1,4 +1,4 @@
/* radare - LGPL - Copyright 2010-2023 - nibble, pancake */
/* radare - LGPL - Copyright 2010-2024 - nibble, pancake */
#define R_LOG_ORIGIN "anal.diff"
@ -23,8 +23,8 @@ R_API void r_anal_diff_free(RAnalDiff *diff) {
}
}
/* 0-1 */
R_API void r_anal_diff_setup(RAnal *anal, int doops, double thbb, double thfcn) {
R_RETURN_IF_FAIL (anal);
if (doops >= 0) {
anal->diff_ops = doops;
}
@ -32,8 +32,8 @@ R_API void r_anal_diff_setup(RAnal *anal, int doops, double thbb, double thfcn)
anal->diff_thfcn = (thfcn >= 0)? thfcn: R_ANAL_THRESHOLDFCN;
}
/* 0-100 */
R_API void r_anal_diff_setup_i(RAnal *anal, int doops, int thbb, int thfcn) {
R_RETURN_IF_FAIL (anal);
if (doops >= 0) {
anal->diff_ops = doops;
}
@ -48,17 +48,17 @@ R_API int r_anal_diff_fingerprint_bb(RAnal *anal, RAnalBlock *bb) {
int oplen, idx = 0;
if (!anal) {
return false;
return 0;
}
if (anal->cur && anal->cur->fingerprint_bb) {
return (anal->cur->fingerprint_bb (anal, bb));
}
if (!(bb->fingerprint = malloc (1 + bb->size))) {
return false;
return 0;
}
if (!(buf = malloc (bb->size + 1))) {
free (bb->fingerprint);
return false;
return 0;
}
if (anal->iob.read_at (anal->iob.io, bb->addr, buf, bb->size)) {
memcpy (bb->fingerprint, buf, bb->size);
@ -66,7 +66,7 @@ R_API int r_anal_diff_fingerprint_bb(RAnal *anal, RAnalBlock *bb) {
if (!(op = r_anal_op_new ())) {
free (bb->fingerprint);
free (buf);
return false;
return 0;
}
while (idx < bb->size) {
if ((oplen = r_anal_op (anal, op, 0, buf+idx, bb->size-idx, R_ARCH_OP_MASK_BASIC)) < 1) {
@ -85,12 +85,12 @@ R_API int r_anal_diff_fingerprint_bb(RAnal *anal, RAnalBlock *bb) {
}
static int bb_sort_by_addr(const void *x, const void *y) {
RAnalBlock *a = (RAnalBlock *)x;
RAnalBlock *b = (RAnalBlock *)y;
if (a->addr > b->addr) {
ut64 a_addr = ((RAnalBlock *)x)->addr;
ut64 b_addr = ((RAnalBlock *)y)->addr;
if (a_addr > b_addr) {
return 1;
}
if (a->addr < b->addr) {
if (a_addr < b_addr) {
return -1;
}
return 0;
@ -189,7 +189,7 @@ R_API int r_anal_diff_fcn(RAnal *anal, RList *fcns, RList *fcns2) {
RAnalFunction *fcn, *fcn2, *mfcn, *mfcn2;
RListIter *iter, *iter2;
ut64 maxsize, minsize;
double t, ot;
double t = 0, ot = 0;
if (!fcns2) {
fcns2 = fcns;
}

View File

@ -420,19 +420,26 @@ R_API char *r_anal_op_tostring(RAnal *anal, RAnalOp *op) {
RAnalBlock *bb;
RAnalFunction *f;
char *cstr, ret[128];
RAnalValue *dst = r_vector_at (&op->dsts, 0);
RAnalValue *src0 = r_vector_at (&op->srcs, 0);
RAnalValue *src1 = r_vector_at (&op->srcs, 1);
char *r0 = r_anal_value_tostring (dst);
char *a0 = r_anal_value_tostring (src0);
char *a1 = r_anal_value_tostring (src1);
if (!r0) {
char *r0, *a0, *a1;
if (op->dsts.len || op->srcs.len) {
RAnalValue *dst = r_vector_at (&op->dsts, 0);
RAnalValue *src0 = r_vector_at (&op->srcs, 0);
RAnalValue *src1 = r_vector_at (&op->srcs, 1);
r0 = r_anal_value_tostring (dst);
a0 = r_anal_value_tostring (src0);
a1 = r_anal_value_tostring (src1);
if (!r0) {
r0 = strdup ("?");
}
if (!a0) {
a0 = strdup ("?");
}
if (!a1) {
a1 = strdup ("?");
}
} else {
r0 = strdup ("?");
}
if (!a0) {
a0 = strdup ("?");
}
if (!a1) {
a1 = strdup ("?");
}

View File

@ -1,4 +1,4 @@
/* radare - LGPL - Copyright 2010-2023 - pancake */
/* radare - LGPL - Copyright 2010-2024 - pancake */
#include <r_anal.h>
@ -13,23 +13,30 @@ R_API RAnalValue *r_anal_value_new_from_string(const char *str) {
// mul*value+regbase+regidx+delta
R_API ut64 r_anal_value_to_ut64(RAnal *anal, RAnalValue *val) {
ut64 num;
if (!val) {
return 0LL;
}
num = val->base + (val->delta * (val->mul ? val->mul : 1));
R_RETURN_VAL_IF_FAIL (anal && val, 0LL);
ut64 num = val->base + (val->delta * (val->mul ? val->mul : 1));
if (val->reg) {
num += r_reg_getv (anal->reg, val->reg);
st64 n = (st64)r_reg_getv (anal->reg, val->reg);
if (ST64_ADD_OVFCHK (num, n)) {
num = UT64_MAX;
} else {
num += n;
}
}
if (val->regdelta) {
num += r_reg_getv (anal->reg, val->regdelta);
st64 n = (st64)r_reg_getv (anal->reg, val->regdelta);
if (ST64_ADD_OVFCHK (num, n)) {
num = UT64_MAX;
} else {
num += n;
}
}
switch (val->memref) {
case 1:
case 2:
case 4:
case 8:
//anal->bio ...
// anal->bio ...
R_LOG_INFO ("memref for to_ut64 is not supported");
break;
}
@ -37,24 +44,25 @@ R_API ut64 r_anal_value_to_ut64(RAnal *anal, RAnalValue *val) {
}
R_API bool r_anal_value_set_ut64(RAnal *anal, RAnalValue *val, ut64 num) {
R_RETURN_VAL_IF_FAIL (anal && val, false);
if (val->memref) {
if (anal->iob.io) {
if (R_LIKELY (anal->iob.io)) {
ut8 data[8];
ut64 addr = r_anal_value_to_ut64 (anal, val);
r_mem_set_num (data, val->memref, num);
anal->iob.write_at (anal->iob.io, addr, data, val->memref);
} else {
R_LOG_ERROR ("No IO binded to r_anal");
}
} else {
if (val->reg) {
r_reg_setv (anal->reg, val->reg, num);
return true;
}
R_LOG_ERROR ("No IO binded to r_anal");
return false;
}
return false; // is this necessary?
return (val->reg)
? r_reg_setv (anal->reg, val->reg, num)
: false;
}
R_API const char *r_anal_value_type_tostring(RAnalValue *value) {
R_RETURN_VAL_IF_FAIL (value, NULL);
switch (value->type) {
case R_ANAL_VAL_REG: return "reg";
case R_ANAL_VAL_MEM: return "mem";
@ -64,6 +72,7 @@ R_API const char *r_anal_value_type_tostring(RAnalValue *value) {
}
R_API char *r_anal_value_tostring(RAnalValue *value) {
R_RETURN_VAL_IF_FAIL (value, NULL);
char *out = NULL;
if (value) {
out = strdup ("");