author | Cyrille Bagard <nocbos@gmail.com> | 2012-11-25 22:00:02 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2012-11-25 22:00:02 (GMT) |
commit | 671cacb80fd438a5f4d51db853ed08d7a6edb9ab (patch) | |
tree | 3081bc41bca43137cca75e52fcbcf81798e8b4e2 /src/arch/dalvik | |
parent | 40d448bc4734882ca4a2580b481738f4720ebabe (diff) |
Fortified Chrysalide a little bit against malformed APK files.
git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@291 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
Diffstat (limited to 'src/arch/dalvik')
-rw-r--r-- | src/arch/dalvik/decomp/const.c | 1 | ||||
-rw-r--r-- | src/arch/dalvik/operands/pool.c | 82 |
2 files changed, 67 insertions, 16 deletions
diff --git a/src/arch/dalvik/decomp/const.c b/src/arch/dalvik/decomp/const.c
index 2e63b36..47a859e 100644
--- a/src/arch/dalvik/decomp/const.c
+++ b/src/arch/dalvik/decomp/const.c
@@ -95,6 +95,7 @@ GDecInstruction *dalvik_decomp_instr_const_str(const GArchInstruction *instr, GD
 format = G_DEX_FORMAT(g_object_get_data(G_OBJECT(ctx), "format"));
 value = get_string_from_dex_pool(format, index);
+ if (value == NULL) return NULL;
 str = g_str_expression_new(value);
diff --git a/src/arch/dalvik/operands/pool.c b/src/arch/dalvik/operands/pool.c
index 803d173..fbe68cf 100644
--- a/src/arch/dalvik/operands/pool.c
+++ b/src/arch/dalvik/operands/pool.c
@@ -24,6 +24,7 @@
 #include "pool.h"
+#include <stdio.h>
 #include <string.h>
@@ -181,6 +182,7 @@ static void g_dalvik_pool_operand_print(const GDalvikPoolOperand *operand, GBuff
 {
 const char *string; /* Chaîne de caractères #1 */
 GDataType *type; /* Type à représenter */
+ size_t len; /* Taille du texte à créer */
 char *tmp; /* Chaîne de caractères #2 */
 GBinVariable *field; /* Champ à représenter */
 GBinRoutine *routine; /* Routine à représenter */
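Review bot: The added `if (value == NULL) return NULL;` turns a bad string index into a NULL GDecInstruction, but nothing in the hunk shows that the callers of dalvik_decomp_instr_const_str accept NULL, so that contract should be confirmed at the call sites before this guard is relied on. A short comment on the guard would also record why it exists, e.g. `/* index comes straight from the DEX file; an out-of-range one yields no expression */`. The function begins and ends outside the hunk.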
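Review bot: The else branches added later in this file call calloc() and free(), yet the only header this hunk adds is <stdio.h> for snprintf; if <stdlib.h> is not already reached through pool.h or another include outside the hunk, calloc is implicitly declared as returning int, which truncates the returned pointer on 64-bit builds. Add `#include <stdlib.h>` beside the new `#include <stdio.h>` unless it is already provided. The include block continues outside the hunk.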
@@ -188,14 +190,30 @@ static void g_dalvik_pool_operand_print(const GDalvikPoolOperand *operand, GBuff
 switch (operand->type)
 {
 case DPT_NONE:
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "????", 4, RTT_SECTION);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "????", 4, RTT_ERROR);
 break;
 case DPT_STRING:
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "\"", 1, RTT_STRING);
 string = get_string_from_dex_pool(operand->format, operand->index);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, string, strlen(string), RTT_STRING);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "\"", 1, RTT_STRING);
+
+ if (string != NULL)
+ {
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "\"", 1, RTT_STRING);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, string, strlen(string), RTT_STRING);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "\"", 1, RTT_STRING);
+ }
+ else
+ {
+ len = strlen(_("<bad string index (%d)>")) + 10 /* 4294967295U */ + 1;
+ tmp = calloc(len, sizeof(char));
+ snprintf(tmp, len, _("<bad string index (%d)>"), operand->index);
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, len - 1, RTT_ERROR);
+
+ free(tmp);
+
+ }
+
+
 break;
 case DPT_TYPE:
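Review bot: In the new else branch, `g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, len - 1, RTT_ERROR)` passes the buffer capacity, not the length of the formatted message: `len` reserves ten digits for the index, so for any shorter index the text pushed into the line ends with the zero bytes calloc left behind. Use the real length, as the success path just above already does for `string`: `g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_ERROR);`. The calloc result is also handed to snprintf unchecked, so an `if (tmp == NULL) break;` ahead of the snprintf would keep an allocation failure from becoming a write through NULL. g_dalvik_pool_operand_print starts and ends outside the hunk.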
@@ -205,14 +223,24 @@ static void g_dalvik_pool_operand_print(const GDalvikPoolOperand *operand, GBuff
 {
 tmp = g_data_type_to_string(type);
 g_object_unref(G_OBJECT(type));
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
+
 }
 else
- tmp = strdup(_("invalid type"));
+ {
+ len = strlen(_("<bad type index (%d)>")) + 10 /* 4294967295U */ + 1;
+ tmp = calloc(len, sizeof(char));
+ snprintf(tmp, len, _("<bad type index (%d)>"), operand->index);
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, len - 1, RTT_ERROR);
+
+ }
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
 free(tmp);
+
 break;
 case DPT_PROTO:
@@ -226,13 +254,24 @@ static void g_dalvik_pool_operand_print(const GDalvikPoolOperand *operand, GBuff
 {
 tmp = g_binary_variable_to_string(field, false);
 g_object_unref(G_OBJECT(field));
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
+
 }
 else
- tmp = strdup(_("invalid field"));
+ {
+ len = strlen(_("<bad field index (%d)>")) + 10 /* 4294967295U */ + 1;
+ tmp = calloc(len, sizeof(char));
+ snprintf(tmp, len, _("<bad field index (%d)>"), operand->index);
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, len - 1, RTT_ERROR);
+
+ }
+
+ free(tmp);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
 break;
 case DPT_METHOD:
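Review bot: The new format string `_("<bad type index (%d)>")` uses `%d` while the sizing comment `/* 4294967295U */` treats operand->index as a 32-bit unsigned value; if index really is unsigned, an out-of-range value at or above 2^31 (exactly the malformed input this branch exists to report) prints as a negative number and the call is a format mismatch -Wformat will flag, so the conversion should be `%u`. If index is signed instead, the `+ 10` reserve is one byte short for the sign of a ten-digit negative value and snprintf will silently drop the closing `>`, so reserve `+ 11 /* -2147483648 */`. Which of the two applies depends on the declaration of the index field, which is outside the hunk, as is the rest of g_dalvik_pool_operand_print.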
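Review bot: `len - 1` in the new DPT_FIELD else branch is the number of bytes calloc allocated, not the length snprintf produced, so for a field index shorter than ten digits the error text inserted into the line carries trailing NUL bytes. Pass `strlen(tmp)` instead, which is what the success branch a few lines above already does for the field name. The enclosing switch and g_dalvik_pool_operand_print continue outside the hunk.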
@@ -242,13 +281,24 @@ static void g_dalvik_pool_operand_print(const GDalvikPoolOperand *operand, GBuff
 {
 tmp = g_binary_routine_to_string(routine);
 g_object_unref(G_OBJECT(routine));
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
+
 }
 else
- tmp = strdup(_("invalid method"));
+ {
+ len = strlen(_("<bad method index (%d)>")) + 10 /* 4294967295U */ + 1;
+ tmp = calloc(len, sizeof(char));
+ snprintf(tmp, len, _("<bad method index (%d)>"), operand->index);
+
+ g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, len - 1, RTT_ERROR);
+
+ }
+
+ free(tmp);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, "<", 1, RTT_HOOK);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, tmp, strlen(tmp), RTT_VAR_NAME);
- g_buffer_line_insert_text(line, BLC_ASSEMBLY, ">", 1, RTT_HOOK);
 break;
 } |
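Review bot: This else branch is the fourth copy of the same six lines (string, type, field, method), differing only in the message, so any correction to the length passed to g_buffer_line_insert_text or to the `%d` conversion has to be repeated four times; a `static` helper taking `line`, the message format and `operand->index`, formatting into a local buffer and inserting `strlen()` of it with RTT_ERROR, would hold that logic once. I have not spelled out its signature because the type of `line` is cut off in the hunk header. Until such a helper exists, `len - 1` here should become `strlen(tmp)`: it is the allocation size, not the formatted length, so shorter indices push calloc's trailing zero bytes into the line. The enclosing function starts outside the hunk.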