-rw-r--r--ChangeLog18
-rw-r--r--src/analysis/binary.c5
-rwxr-xr-xsrc/common/endianness.c4
-rw-r--r--src/common/leb128.c4
-rw-r--r--src/format/dex/dex-int.c4
-rw-r--r--src/format/dex/method.c9
-rw-r--r--src/panels/symbols.c2
7 files changed, 40 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 5c8ae4c..3130bbe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,21 @@
+10-06-15 Cyrille Bagard <nocbos@gmail.com>
+
+ * src/analysis/binary.c:
+ Be sure to stay in loaded binary data.
+
+ * src/common/endianness.c:
+ * src/common/leb128.c:
+ Report suspicious positions as errors.
+
+ * src/format/dex/dex-int.c:
+ Handle errors when allocating to much memory.
+
+ * src/format/dex/method.c:
+ Handle errors when loading methods from the DEX pool.
+
+ * src/panels/symbols.c:
+ Typo.
+
10-06-06 Cyrille Bagard <nocbos@gmail.com>
* src/analysis/routine.c:
diff --git a/src/analysis/binary.c b/src/analysis/binary.c
index 17fc172..d860efc 100644
--- a/src/analysis/binary.c
+++ b/src/analysis/binary.c
@@ -351,6 +351,7 @@ static GRenderingLine *disassemble_binary_parts(GDelayedDisassembly *disass, GBi
for (i = 0; i < disass->count; i++)
{
g_binary_part_get_values(disass->parts[i], NULL, &len, NULL);
+ if (len > disass->binary->bin_length) continue;
sum += len;
}
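Review bot: The new skip predicate on the added line bounds only the part's length, not its position, so a part whose `pos + len` runs past the loaded data is still counted into `sum`, and the same predicate is repeated verbatim in the disassembly loop further down, where the two can drift apart. Pull it into one static helper that takes the part and `bin_length`, fetches `pos` and `len` itself and checks `pos >= 0 && len <= bin_length && pos <= bin_length - len`, then call it from both loops. The types of `len` and `bin_length` are not visible here; if `len` is unsigned, comparing it against a signed `bin_length` needs an explicit cast. disassemble_binary_parts starts and continues outside this hunk.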
@@ -362,6 +363,8 @@ static GRenderingLine *disassemble_binary_parts(GDelayedDisassembly *disass, GBi
{
g_binary_part_get_values(disass->parts[i], &pos, &len, &base);
+ if (len > disass->binary->bin_length) continue;
+
/* Décodage des instructions */
start = pos;
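Review bot: The added guard tests `len` alone and ignores `pos`, which is fetched on the line just above it, so a part that starts near the end of the binary with a modest length still reads past `bin_length` in the decoding loop that follows. Check the range rather than the length: `if (pos < 0 || len > disass->binary->bin_length || pos > disass->binary->bin_length - len) continue;` (written as a subtraction so the sum cannot overflow). Whatever predicate is used here must be the one used when `sum` is computed earlier in the function, or the two loops disagree about which parts exist. The enclosing function and the decoding loop continue outside the hunk.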
@@ -379,8 +382,6 @@ static GRenderingLine *disassemble_binary_parts(GDelayedDisassembly *disass, GBi
/* Ajout des prototypes de fonctions */
- printf("BASE == 0x%08llx\n", base);
-
for (; k < count; k++)
{
routine_offset = g_binary_routine_get_address(routines[k]);
diff --git a/src/common/endianness.c b/src/common/endianness.c
index 5c9b183..3a2a653 100755
--- a/src/common/endianness.c
+++ b/src/common/endianness.c
@@ -44,6 +44,7 @@
bool read_u4(uint8_t *target, const bin_t *data, off_t *pos, off_t len, bool *low, SourceEndian endian)
{
+ if (*pos < 0) return false;
if ((len - *pos) < 1) return false;
if (*low)
@@ -81,6 +82,7 @@ bool read_u4(uint8_t *target, const bin_t *data, off_t *pos, off_t len, bool *lo
bool read_u8(uint8_t *target, const bin_t *data, off_t *pos, off_t len, SourceEndian endian)
{
+ if (*pos < 0) return false;
if ((len - *pos) < 1) return false;
*target = data[*pos];
@@ -110,6 +112,7 @@ bool read_u8(uint8_t *target, const bin_t *data, off_t *pos, off_t len, SourceEn
bool read_u16(uint16_t *target, const bin_t *data, off_t *pos, off_t len, SourceEndian endian)
{
+ if (*pos < 0) return false;
if ((len - *pos) < 2) return false;
switch (endian)
@@ -181,6 +184,7 @@ bool read_u16(uint16_t *target, const bin_t *data, off_t *pos, off_t len, Source
bool read_u32(uint32_t *target, const bin_t *data, off_t *pos, off_t len, SourceEndian endian)
{
+ if (*pos < 0) return false;
if ((len - *pos) < 4) return false;
switch (endian)
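Review bot: The same two-line guard (`*pos < 0`, then `len - *pos < N`) is now duplicated across read_u4, read_u8, read_u16 and read_u32, and the contract it implements — return false and leave `*pos` untouched when fewer than N bytes remain — is documented nowhere. A `static inline bool readable(off_t pos, off_t len, off_t need) { return pos >= 0 && len - pos >= need; }` shared by all four keeps the arithmetic in one place, with a one-line comment above each reader such as `/* Returns false without touching *pos when the read would leave [0, len). */`. With `pos >= 0` checked first, `len - pos` can no longer overflow for a non-negative len, so the remaining subtraction is safe; a negative len still correctly fails the comparison. The body of read_u32 continues past this hunk.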
diff --git a/src/common/leb128.c b/src/common/leb128.c
index 4a03797..1b65fa7 100644
--- a/src/common/leb128.c
+++ b/src/common/leb128.c
@@ -45,6 +45,8 @@ bool read_uleb128(uleb128_t *target, const bin_t *data, off_t *pos, off_t len)
int shift; /* Décallage à appliquer */
off_t i; /* Boucle de parcours */
+ if (*pos < 0) return false;
+
shift = 0;
*target = 0;
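Review bot: The added check rejects a negative `*pos` but not one at or past `len`, and whether the byte loop below guards against that before indexing `data` is not visible in this hunk. If the loop reads `data[*pos + i]` before comparing against `len`, the first iteration is already out of bounds; extending the guard to `if (*pos < 0 || *pos >= len) return false;` costs nothing and makes the precondition explicit. A ULEB128 longer than the width of `uleb128_t` would also drive `shift` past the type width, which is undefined behaviour for the shift, so the loop needs a bound on `shift` if it has none. The same applies to read_leb128 in the next hunk. read_uleb128's loop starts after this hunk.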
@@ -87,6 +89,8 @@ bool read_leb128(leb128_t *target, const bin_t *data, off_t *pos, off_t len)
int shift; /* Décallage à appliquer */
off_t i; /* Boucle de parcours */
+ if (*pos < 0) return false;
+
shift = 0;
*target = 0;
diff --git a/src/format/dex/dex-int.c b/src/format/dex/dex-int.c
index 8f5b408..5628e6b 100644
--- a/src/format/dex/dex-int.c
+++ b/src/format/dex/dex-int.c
@@ -454,6 +454,7 @@ bool read_dex_class_data_item(const GDexFormat *format, off_t *pos, class_data_i
if (result && item->static_fields_size > 0)
{
item->static_fields = (encoded_field *)calloc(item->static_fields_size, sizeof(encoded_field));
+ if (item->static_fields == NULL) item->static_fields_size = 0;
for (i = 0; i < item->static_fields_size && result; i++)
result = read_dex_encoded_field(format, pos, &item->static_fields[i]);
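Review bot: Zeroing `static_fields_size` when calloc fails turns an allocation failure into a silent success: `result` stays true, the encoded_field entries are never consumed, so `*pos` is not advanced and the instance-field, direct-method and virtual-method parsing that follows starts at the wrong offset. Fail the parse instead: `if (item->static_fields == NULL) { item->static_fields_size = 0; result = false; }` — the loop and the three later blocks already test `result`, and the zeroed count keeps any cleanup from walking a NULL array. The same pattern is repeated in the next three hunks. If these counts come straight from the DEX stream, as the read_dex_* naming suggests, a huge count that calloc does satisfy is also worth rejecting up front by comparing it with the bytes remaining after `*pos`, since every encoded entry occupies at least one byte. read_dex_class_data_item continues beyond this hunk.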
@@ -463,6 +464,7 @@ bool read_dex_class_data_item(const GDexFormat *format, off_t *pos, class_data_i
if (result && item->instance_fields_size > 0)
{
item->instance_fields = (encoded_field *)calloc(item->instance_fields_size, sizeof(encoded_field));
+ if (item->instance_fields == NULL) item->instance_fields_size = 0;
for (i = 0; i < item->instance_fields_size && result; i++)
result = read_dex_encoded_field(format, pos, &item->instance_fields[i]);
@@ -472,6 +474,7 @@ bool read_dex_class_data_item(const GDexFormat *format, off_t *pos, class_data_i
if (result && item->direct_methods_size > 0)
{
item->direct_methods = (encoded_method *)calloc(item->direct_methods_size, sizeof(encoded_method));
+ if (item->direct_methods == NULL) item->direct_methods_size = 0;
for (i = 0; i < item->direct_methods_size && result; i++)
result = read_dex_encoded_method(format, pos, &item->direct_methods[i]);
@@ -481,6 +484,7 @@ bool read_dex_class_data_item(const GDexFormat *format, off_t *pos, class_data_i
if (result && item->virtual_methods_size > 0)
{
item->virtual_methods = (encoded_method *)calloc(item->virtual_methods_size, sizeof(encoded_method));
+ if (item->virtual_methods == NULL) item->virtual_methods_size = 0;
for (i = 0; i < item->virtual_methods_size && result; i++)
result = read_dex_encoded_method(format, pos, &item->virtual_methods[i]);
diff --git a/src/format/dex/method.c b/src/format/dex/method.c
index 4888c89..ce4d8dd 100644
--- a/src/format/dex/method.c
+++ b/src/format/dex/method.c
@@ -135,6 +135,12 @@ GDexMethod *g_dex_method_new(const GDexFormat *format, const encoded_method *see
if (!read_dex_code_item(format, &offset, &item))
return NULL;
+ *last += seed->method_idx_diff;
+ routine = get_routine_from_dex_pool(format, *last);
+
+ if (routine == NULL) return NULL;
+
+
result = g_object_new(G_TYPE_DEX_METHOD, NULL);
result->body = item;
@@ -143,9 +149,6 @@ GDexMethod *g_dex_method_new(const GDexFormat *format, const encoded_method *see
//printf(" code size :: %d\n", item.insns_size);
- *last += seed->method_idx_diff;
- routine = get_routine_from_dex_pool(format, *last);
-
printf(" method idx :: %lld\n", *last);
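Review bot: Moving the pool lookup ahead of `g_object_new` is right, but `*last` is still advanced only after `read_dex_code_item` succeeds: on the `return NULL` at the top of the hunk the cumulative `method_idx_diff` is lost, so if the caller goes on to the next encoded_method its index is off from then on. Advance the index first, `*last += seed->method_idx_diff;` placed before the `read_dex_code_item` call, so both early returns leave it consistent. If read_dex_code_item allocates into `item` (not visible here), the new early return on a NULL routine leaks it and needs the matching release. The `%lld` in the surviving printf assumes `*last` is a `long long`; if its type is a fixed-width typedef, cast it or use the matching `PRI` macro. g_dex_method_new continues after this hunk.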
diff --git a/src/panels/symbols.c b/src/panels/symbols.c
index 534afee..d24bedf 100644
--- a/src/panels/symbols.c
+++ b/src/panels/symbols.c
@@ -518,7 +518,7 @@ static bool find_parent_for_routine(GtkTreeStore *store, const GBinRoutine *rout
char *saveptr; /* Ctx. interne de découpage */
namespace = g_binary_routine_get_namespace(routine);
- if (routine == NULL) return false;
+ if (namespace == NULL) return false;
string = g_openida_type_to_string(namespace);