Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-01-11 00:06:19 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

fcn_recurse: Fix dangling pointers if r_anal_op's setting of asm.bits is fully processed (#17547)

Browse Source
This commit is contained in:
Khairul Azhar Kasmiran 2020-08-30 12:15:31 +08:00 committed by GitHub
parent 0b671bc357
commit ef0beed4b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libr/anal/fcn.c
View File

@ -501,9 +501,6 @@ static int fcn_recurse(RAnal *anal, RAnalFunction *fcn, ut64 addr, ut64 len, int
variadic_reg = r_reg_get (anal->reg, "rax", R_REG_TYPE_GPR);
}
bool has_variadic_reg = !!variadic_reg;
const char *bp_reg = anal->reg->name[R_REG_NAME_BP];
const char *sp_reg = anal->reg->name[R_REG_NAME_SP];
bool has_stack_regs = bp_reg && sp_reg;
if (r_cons_is_breaked ()) {
return R_ANAL_RET_END;
@ -645,6 +642,10 @@ repeat:
// RET_END causes infinite loops somehow
gotoBeach (R_ANAL_RET_END);
}
const char *bp_reg = anal->reg->name[R_REG_NAME_BP];
const char *sp_reg = anal->reg->name[R_REG_NAME_SP];
bool has_stack_regs = bp_reg && sp_reg;
if (anal->opt.nopskip && fcn->addr == at) {
RFlagItem *fi = anal->flb.get_at (anal->flb.f, addr, false);
if (!fi || strncmp (fi->name, "sym.", 4)) {
@ -1289,7 +1290,9 @@ analopfinish:
last_is_mov_lr_pc = false;
}
if (has_variadic_reg && !fcn->is_variadic) {
bool dst_is_variadic = op.dst && op.dst->reg && op.dst->reg->offset == variadic_reg->offset;
variadic_reg = r_reg_get (anal->reg, "rax", R_REG_TYPE_GPR);
bool dst_is_variadic = op.dst && op.dst->reg
&& variadic_reg && op.dst->reg->offset == variadic_reg->offset;
bool op_is_cmp = (op.type == R_ANAL_OP_TYPE_CMP) || op.type == R_ANAL_OP_TYPE_ACMP;
if (dst_is_variadic && !op_is_cmp) {
has_variadic_reg = false;