author | Cyrille Bagard <nocbos@gmail.com> | 2016-09-24 21:18:51 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2016-09-24 21:18:51 (GMT) |
commit | 3c970a0a1b74a1991be303132221329f3eef0b91 (patch) | |
tree | 7f3c9e8969f5c5c9fe1188c762dda0668c6f9ff6 /src/arch/dalvik/pseudo | |
parent | 65a4b8d9c1929fb7b171d630d336519fc4d418ef (diff) |
Prevented out of bounds access when moving the reading position forwards.
Diffstat (limited to 'src/arch/dalvik/pseudo')
-rw-r--r-- | src/arch/dalvik/pseudo/fill.c | 5 | ||||
-rw-r--r-- | src/arch/dalvik/pseudo/switch.c | 5 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/arch/dalvik/pseudo/fill.c b/src/arch/dalvik/pseudo/fill.c
index 95880fc..e1e1822 100644
--- a/src/arch/dalvik/pseudo/fill.c
+++ b/src/arch/dalvik/pseudo/fill.c
@@ -191,7 +191,10 @@ GArchInstruction *g_dalvik_fill_instr_new(uint16_t ident, const GBinContent *con
  consumed = result->array_width * result->array_size;
- advance_vmpa(pos, consumed);
+ if (!g_binary_content_seek(content, pos, consumed))
+ goto gdfin_bad;
+
+ g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 8);
  return G_ARCH_INSTRUCTION(result);
diff --git a/src/arch/dalvik/pseudo/switch.c b/src/arch/dalvik/pseudo/switch.c
index 1bfc124..c1d0982 100644
--- a/src/arch/dalvik/pseudo/switch.c
+++ b/src/arch/dalvik/pseudo/switch.c
@@ -190,7 +190,10 @@ GArchInstruction *g_dalvik_switch_instr_new(uint16_t ident, const GBinContent *c
  else consumed = (2 * result->switch_size) * sizeof(uint32_t);
- advance_vmpa(pos, consumed);
+ if (!g_binary_content_seek(content, pos, consumed))
+ goto gdsin_bad;
+
+ g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 4);
  return G_ARCH_INSTRUCTION(result);
|
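Review bot: The product `result->array_width * result->array_size` in the context line just above the new seek in fill.c can wrap before it reaches `g_binary_content_seek()`, so a payload declaring a very large array could yield a small `consumed` that passes the new bounds check. This assumes the two fields are the 16-bit width and 32-bit count decoded from the payload header and that the multiplication is carried out in 32 bits; their declarations are outside the hunk. Widening one operand first, `consumed = (uint64_t)result->array_width * result->array_size;`, keeps the check meaningful, provided `consumed` itself is 64 bits wide. The `gdfin_bad` label is also outside the hunk, so it is worth confirming that it releases `result` on this new failure path.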
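Review bot: The added `g_arch_instruction_set_displayed_max_length(G_ARCH_INSTRUCTION(result), 4);` in switch.c is unrelated to the bounds fix named in the commit message, and its literal (4 here, 8 in fill.c) is unexplained. The new seek would also benefit from a comment saying why it replaces `advance_vmpa()`, for instance `/* The size presumably comes from the payload header: never step past the end of the content */`. The function body and the `gdsin_bad` label lie outside the hunk, so whether that path frees `result` cannot be checked from here.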