author | Cyrille Bagard <nocbos@gmail.com> | 2018-09-06 20:45:36 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2018-09-06 20:45:36 (GMT) |
commit | 9aaaa651d924eb30e46f26690aea007b7d868e35 (patch) | |
tree | 846d8f5d27bc7c289a6b0241f1ad3fbe2510f1c6 | |
parent | 9dac560b09bfea058e0286b1a5cd25c37290af39 (diff) |
Fixed possible UAFs when adding symbols.
-rw-r--r-- | plugins/elf/strings.c | 5 | ||||
-rw-r--r-- | plugins/pychrysalide/format/format.c | 1 | ||||
-rw-r--r-- | plugins/readelf/strtab.c | 5 |
3 files changed, 11 insertions, 0 deletions
diff --git a/plugins/elf/strings.c b/plugins/elf/strings.c
index 4d6b5c8..7dd644e 100644
--- a/plugins/elf/strings.c
+++ b/plugins/elf/strings.c
@@ -356,6 +356,9 @@ static bool do_elf_string_loading(GElfLoading *loading, GElfFormat *format, phys
 range = g_arch_instruction_get_range(instr);
 symbol = g_string_symbol_new_read_only(base, range, SET_GUESS);
+
+ g_object_ref(G_OBJECT(symbol));
+
 g_binary_format_add_symbol(base, symbol);
 /* Jointure avec la chaîne précédente ? */
@@ -368,6 +371,8 @@ static bool do_elf_string_loading(GElfLoading *loading, GElfFormat *format, phys
 if (cut) g_string_symbol_build_label(G_STR_SYMBOL(symbol), base);
+ g_object_unref(G_OBJECT(symbol));
+
 }
 /* Conclusion */
diff --git a/plugins/pychrysalide/format/format.c b/plugins/pychrysalide/format/format.c
index bf6c3f1..af881af 100644
--- a/plugins/pychrysalide/format/format.c
+++ b/plugins/pychrysalide/format/format.c
@@ -130,6 +130,7 @@ static PyObject *py_binary_format_add_symbol(PyObject *self, PyObject *args)
 format = G_BIN_FORMAT(pygobject_get(self));
 symbol = G_BIN_SYMBOL(pygobject_get(symbol_obj));
+ g_object_ref(G_OBJECT(symbol));
 added = g_binary_format_add_symbol(format, symbol);
 result = added ? Py_True : Py_False;
diff --git a/plugins/readelf/strtab.c b/plugins/readelf/strtab.c
index 3cbe353..7645dec 100644
--- a/plugins/readelf/strtab.c
+++ b/plugins/readelf/strtab.c
@@ -113,6 +113,9 @@ static void parse_elf_string_table(GElfFormat *format, GPreloadInfo *info, const
 irange = g_arch_instruction_get_range(instr);
 symbol = g_string_symbol_new_read_only(base, irange, SET_GUESS);
+
+ g_object_ref(G_OBJECT(symbol));
+
 g_binary_format_add_symbol(base, symbol);
 /* Jointure avec la chaîne précédente ? */
@@ -120,6 +123,8 @@ static void parse_elf_string_table(GElfFormat *format, GPreloadInfo *info, const
 if (cut) g_string_symbol_build_label(G_STR_SYMBOL(symbol), base);
+ g_object_unref(G_OBJECT(symbol));
+
 }
 /* Conclusion */ |
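Review bot: The reference taken before `g_binary_format_add_symbol(base, symbol)` in do_elf_string_loading is released only at the end of the loop body, and old lines 362–367 between the two hunks are not shown, so any `continue`, `break` or early return in that stretch would leak the symbol. The same ref/unref pairing is added in parse_elf_string_table in plugins/readelf/strtab.c and deserves the same check. The result of the add call is still discarded in both functions, although the pychrysalide hunk shows it reports success, so the label is presumably still built for a symbol the format rejected. I would record the ownership rule at the ref site, for example `/* add_symbol() consumes one reference; keep ours until the label is built */`, and consider skipping `g_string_symbol_build_label()` when the add fails. Both functions begin and end outside the hunks.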
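Review bot: The `g_object_ref(G_OBJECT(symbol));` added in py_binary_format_add_symbol has no matching unref and no comment, so it reads as a leak unless the reader already knows that g_binary_format_add_symbol() takes over one reference. A comment above the line such as `/* the format takes over one reference; the Python wrapper keeps its own */` would make the intent explicit. The line is balanced only if the callee itself drops that reference when it returns false; that appears to be the assumption behind the other two files in this commit, but it is not visible here and is worth confirming. The function body continues outside the hunk.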