Commit Graph

3741 Commits

Author SHA1 Message Date
Sergi Àlvarez i Capilla
35482cb760 Fix UAF in pyc parser ##crash
* Reported by Cen Zhang via huntr.dev
* Reproducer: bins/fuzzed/harep2.pyc
2022-02-08 00:55:09 +01:00
Sergi Àlvarez i Capilla
8525ad0b9f Fix bins/*/rep8 - UAF crash in pyc parser ##crash
* Reported by Cen Zhang via huntr.dev
2022-02-07 23:58:09 +01:00
pancake
b30a4ea80b Remove all the uses of %z as it's not supported on Windows 2022-02-01 11:07:46 +01:00
pancake
917527306f Address latest covs and remove some %zu format warnings (#19647) 2022-02-01 08:19:38 +01:00
pancake
feaa4e7f73 Fix null deref in xnu.kernelcache ##crash
* Reported by @xshad3 via huntr.dev
2022-01-31 02:32:50 +01:00
Sergi Àlvarez i Capilla
715c4e0ff1 Fix warning 2022-01-28 16:24:41 +01:00
Sergi Àlvarez i Capilla
3a57152f01 Address some more coverities and update m68k tests 2022-01-28 16:05:06 +01:00
pancake
d3d0e8f3ec Mark all globals (or most of them) as TLS variables ##core 2022-01-21 17:04:56 +01:00
pancake
f2995c2949 Introduce r_strf and stop using sdb_fmt ##util 2022-01-18 18:35:31 +01:00
Francesco Tamagni
7127e204a2 Return 0 in case __LINKEDIT is not there 2022-01-17 14:02:27 +01:00
Francesco Tamagni
16c788692b Compute symbols_off from __LINKEDIT vmaddr 2022-01-17 14:02:27 +01:00
Francesco Tamagni
64e163e4fc Get method name base from magic selector if __objc_scoffs isn't there 2022-01-17 14:02:27 +01:00
Francesco Tamagni
798472dd6d Handle random presence of /Versions/ in framework path 2022-01-17 14:02:27 +01:00
Lazula
6b8e6ab5f5 Always free key in r_bin_addr2line2() 2022-01-15 16:42:34 +01:00
Lazula
8d65cd4561 Free strings in Elf_(r_bin_elf_get_head_flag)() 2022-01-15 16:42:34 +01:00
Lazula
78a4b02470 Fix return values and entry leak in check_inlined_canary() 2022-01-15 01:11:21 +01:00
Lazula
c751d9b8b7 Use r_skiplist_insert_autofree() in mach0 walk_bind_chain_callback() 2022-01-14 00:28:09 +01:00
Sergi Àlvarez i Capilla
6dca5aca6f BinNE plugin delegates should be static 2022-01-13 18:15:13 +01:00
Francesco Tamagni
bae21844d0 Parse relocs from Mach-O chained binds if no opcodes ##bin 2022-01-13 16:33:17 +01:00
Francesco Tamagni
169c643a7a Add support for rebasing ARM64E_USERLAND24 chained format ##bin 2022-01-11 12:51:32 +01:00
Sergi Àlvarez i Capilla
e60bc5d12c Fix dyldcache uninitialized variable issue 2022-01-09 21:34:44 +01:00
pancake
fb0ec6ed00 Use stdint like if there was no yesterday ##refactor
* stdint is needed to build r2, so there's no need to keep using
  those weak basic types anymore, and we can just alias them
2022-01-09 19:48:16 +01:00
pancake
1ed14ca53a Fix #19541 - Fix null deref and stack exhaustion bugs in the kernelcache ##bin 2022-01-01 18:06:26 +01:00
Sergi Àlvarez i Capilla
500686304a Fix UAF in p9 parser, add test 2021-12-30 21:23:10 +01:00
Sergi Àlvarez i Capilla
1eaee48370 Initial implementation of the 'aafs' command ##analysis
* Find function entrypoints and create a single basic block function
* Useful for fast initial analysis instead of aaa (30min vs 5s)
* Handy to get xrefs context in function boundaries
2021-12-23 18:58:38 +01:00
junchao-loongson
efd05bc7e9 Add support for the new loongarch architecture ##analysis
* Disasm, emulation, analysis and ELF support updated
2021-12-23 12:37:29 +01:00
Lazula
ad749a0b1a Fix static/R_API function definition formatting
* Remove spaces before parens
* Remove spaces after asterisks
2021-12-21 20:58:12 +01:00
pancake
575c26f329 Fix some format string warnings in the mingw ci job 2021-12-21 00:31:28 +01:00
pancake
4bbc2f198e Fix last covs on wasm binparser and r2pm-c 2021-12-21 00:31:28 +01:00
pancake
03732b1312 Don't depend on case-sensitive FS to load the DLL sdbs ##bin (#19502) 2021-12-14 17:19:51 +01:00
Sergi Àlvarez i Capilla
4982055f30 Fix the last covs reported in pyc/avr/aao 2021-12-13 23:07:41 +01:00
Sergi Àlvarez i Capilla
1499a9337f Fix last covs related to the py marshall code 2021-12-09 18:00:58 +01:00
pancake
7b9ac97299 Fix #19478 - null deref in symbols file ##bin 2021-12-09 01:25:51 +01:00
Francesco Tamagni
5450345e9b Support Mach-O DYLD_CHAINED_PTR_64_OFFSET format ##bin 2021-12-09 01:18:02 +01:00
pancake
862fe33631 Handle more ELF relocs for ARM binaries ##bin
* Handle more ELF relocs for ARM binaries ##bin

Inspired by cd6bde4aeb
2021-12-05 04:58:12 +01:00
pancake
e6f2cd0b2a Remove trailing spaces (#19460)
$ git grep ' $' | grep -v ^test/ | cut -d : -f 1 | sort -u > /tmp/trailing
$ for a in `cat /tmp/trailing` ; do sed -i -e 's/ *$//' $a ; done
2021-12-02 17:39:59 +01:00
pancake
dafa685c24 Fix invalid pointer read issue in dwarf parser ##crash (#19459)
* Exploited by tests_65179, tests_65180 and tests_64901
* Fix out of bounds issue causing memory corruption in unit test
2021-12-02 12:20:30 +01:00
Sergi Àlvarez i Capilla
77d9fedab8 Fix #19455 - Negative tainted offset used in buffer for pyc causing oobread ##crash 2021-12-01 16:33:19 +01:00
pancake
7c20ef7f2a Fix #19448 - Fix atoi on non-null terminated string in PE section headers ##crash 2021-11-29 10:19:52 +01:00
pancake
99d7b1f7a2 Fix #19443 - Fix the pyc tests and marshall uaf
* Fix memleaks when parsing invalid pyc type objects
* Sometimes valgrind logs are nicer than asan ones
2021-11-28 22:36:11 +01:00
pancake
4327d8322f Bring back the mingw32 builds ##windows
* Massage conflicting function signatures spotted by mingw
* Fix the spp visibility issue
* Enable 32 and 64bit mingw builds in the CI
2021-11-28 22:10:51 +01:00
pancake
bf7ecde2cd Fix 319443 - pyc uaf marshall bug fixed properly 2021-11-28 02:13:25 +01:00
pancake
e9e5d9c7e1 oopsie 2021-11-28 01:58:54 +01:00
pancake
7ffe8ecaf2 Fix #19443 - UAF in marshall null object ##crash 2021-11-28 01:07:14 +01:00
pancake
0505cac914 Fix #19442 - Fix heap underflow in pyc marshalling ##crash 2021-11-28 00:39:01 +01:00
pancake
a0fd446a7b Fix #19444 - Null derefs in PE signature logic ##crash 2021-11-28 00:36:08 +01:00
meme
fbfebef9e6 Add Plan 9 symbol parsing ##bin
All function and data symbols are now parsed and loaded into radare2. As
well, the BSS segment is now also loaded as zeroed virtual memory.
2021-11-22 01:51:30 +01:00
meme
592e6407d6 Improve Plan 9 support ##bin
Currently support for Plan 9 binaries is limited to i386 and even then
it doesn't work properly (certain sections won't load, the base address
is wrong, etc.)

With these changes, all architectures including ones from 9front are
supported.
2021-11-21 20:15:00 +01:00
pancake
e77b0e7f67 Fix PE Metadata header name parsing (.net related) ##bin 2021-11-18 23:41:09 +01:00
Sergi Àlvarez i Capilla
060479f7e8 Fix null deref in macho rebasing function 2021-11-18 21:30:07 +01:00