Fix #3691 - Fix unitialized memory in 32bit esil write op

2025-03-06 13:29:46 +00:00 · 2015-11-16 10:29:03 +01:00 · 2015-11-16 10:29:03 +01:00 · e0de679118
commit e0de679118
parent 18604cded8
2 changed files with 10 additions and 7 deletions
--- a/libr/anal/esil.c
+++ b/libr/anal/esil.c
@ -1351,6 +1351,7 @@ static int esil_poke_some(RAnalEsil *esil) {
 					isregornum (esil, foo, &num64);
 					/* TODO : implement peek here */
 					// read from $dst 
+					num32 = num64;
 					ret = r_anal_esil_mem_write (esil, ptr,
 						(const ut8*)&num32, sizeof (num32));
 					if (ret != sizeof (num32)) {
--- a/libr/io/cache.c
+++ b/libr/io/cache.c
@ -78,23 +78,24 @@ R_API int r_io_cache_list(RIO *io, int rad) {

 	r_list_foreach (io->cache, iter, c) {
 		if (rad) {
+			ut64 n;
 			io->cb_printf ("wx ");
-			for (i=0; i<c->size; i++)
-				io->cb_printf ("%02x", c->data[i]);
+			for (i=0; i < c->size; i++)
+				io->cb_printf ("%02x", (ut8)(c->data[i] & 0xff));
 			io->cb_printf (" @ 0x%08"PFMT64x, c->from);
 			io->cb_printf (" # replaces: ");
-			for (i=0; i<c->size; i++)
-				io->cb_printf ("%02x", c->odata[i]);
+			for (i=0; i < c->size; i++)
+				io->cb_printf ("%02x", (ut8)(c->odata[i] & 0xff));
 			io->cb_printf ("\n");
 		} else {
 			io->cb_printf ("idx=%d addr=0x%08"PFMT64x" size=%d ",
 				j, c->from, c->size);
-			for (i=0; i<c->size; i++)
+			for (i=0; i < c->size; i++)
 				io->cb_printf ("%02x", c->odata[i]);
 			io->cb_printf (" -> ");
-			for (i=0; i<c->size; i++)
+			for (i=0; i < c->size; i++)
 				io->cb_printf ("%02x", c->data[i]);
-			io->cb_printf (" %s\n", c->written?"(written)":"(not written)");
+			io->cb_printf (" %s\n", c->written? "(written)": "(not written)");
 		}
 		j++;
 	}
@ -106,6 +107,7 @@ R_API int r_io_cache_write(RIO *io, ut64 addr, const ut8 *buf, int len) {
 	if (io->cached == 2) // magic hackaround
 		return 0;
 	ch = R_NEW0 (RIOCache);
+	if (!ch) return 0;
 	ch->from = addr;
 	ch->to = addr + len;
 	ch->size = len;