authorCyrille Bagard <nocbos@gmail.com>2016-09-24 21:18:51 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2016-09-24 21:18:51 (GMT)
commit3c970a0a1b74a1991be303132221329f3eef0b91 (patch)
tree7f3c9e8969f5c5c9fe1188c762dda0668c6f9ff6 /src/arch/dalvik/pseudo
parent65a4b8d9c1929fb7b171d630d336519fc4d418ef (diff)
Prevented out-of-bounds access when moving the reading position forwards.
Diffstat (limited to 'src/arch/dalvik/pseudo')
-rw-r--r--src/arch/dalvik/pseudo/fill.c5
-rw-r--r--src/arch/dalvik/pseudo/switch.c5
2 files changed, 8 insertions, 2 deletions
diff --git a/src/arch/dalvik/pseudo/fill.c b/src/arch/dalvik/pseudo/fill.c
index 95880fc..e1e1822 100644
--- a/src/arch/dalvik/pseudo/fill.c
+++ b/src/arch/dalvik/pseudo/fill.c
@@ -191,7 +191,10 @@ GArchInstruction *g_dalvik_fill_instr_new(uint16_t ident, const GBinContent *con
consumed = result->array_width * result->array_size;
- advance_vmpa(pos, consumed);
+ if (!g_binary_content_seek(content, pos, consumed))
+ goto gdfin_bad;
+
+ g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 8);
return G_ARCH_INSTRUCTION(result);
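Review bot: The new `g_binary_content_seek` check bounds the seek itself, but `consumed = result->array_width * result->array_size;` on the line above is still computed before any check; if those two fields are narrower than `consumed` (the Dalvik fill-array-data payload encodes the element width in 16 bits and the count in 32 bits, if the struct mirrors that), the product is evaluated in the narrower type and can wrap, so a truncated length reaches the seek and the bounds check passes for a payload that is actually longer. Widening the first factor before multiplying, `consumed = (TYPE_OF_CONSUMED)result->array_width * result->array_size;`, makes the length arithmetic as wide as the variable it is stored in; the field and variable types are not visible in this hunk, so confirm them against the struct definition before choosing the cast. The failure branch jumps to `gdfin_bad`, which lies outside the hunk; that label must release `result` and whatever has already been read into it, otherwise a short payload leaks the half-built instruction, and the same applies to `gdsin_bad` in the switch.c hunk. `g_dalvik_fill_instr_new` starts before and continues past this hunk.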
diff --git a/src/arch/dalvik/pseudo/switch.c b/src/arch/dalvik/pseudo/switch.c
index 1bfc124..c1d0982 100644
--- a/src/arch/dalvik/pseudo/switch.c
+++ b/src/arch/dalvik/pseudo/switch.c
@@ -190,7 +190,10 @@ GArchInstruction *g_dalvik_switch_instr_new(uint16_t ident, const GBinContent *c
else
consumed = (2 * result->switch_size) * sizeof(uint32_t);
- advance_vmpa(pos, consumed);
+ if (!g_binary_content_seek(content, pos, consumed))
+ goto gdsin_bad;
+
+ g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 4);
return G_ARCH_INSTRUCTION(result);
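Review bot: The literal `4` in `g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 4);` (and the `8` in the matching fill.c hunk) is added without explanation, and the commit message only describes the out-of-bounds fix, so a reader cannot tell whether this line belongs to the fix or is an independent display tweak. A one-line comment stating what the value limits, e.g. `/* Cap the rendered payload length; fill.c uses 8 for its wider entries */` (adjust to the real reason, which is not visible here), or a named constant shared by both pseudo-instruction files would make the intent clear. The `if` branch of the `consumed` computation and the `gdsin_bad` label are both outside the hunk; `g_dalvik_switch_instr_new` starts before and ends after it.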