Virtualization
/
capstone
mirror of https://gitlab.com/qemu-project/capstone.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix Thumb disassembler memory corruption with IT sequence (issue #385)

This commit is contained in:
Nikolay Igotti 2015-06-03 15:38:45 +02:00
parent b1d12e50d4
commit 1bcb7d6cc6
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
arch/ARM/ARMDisassembler.c
View File

@ -44,6 +44,10 @@
static bool ITStatus_push_back(ARM_ITStatus *it, char v) static bool ITStatus_push_back(ARM_ITStatus *it, char v)
{ {
if (it->size >= sizeof(it->ITStates)) {
// TODO: consider warning user.
it->size = 0;
}
it->ITStates[it->size] = v; it->ITStates[it->size] = v;
it->size++; it->size++;
@ -730,8 +734,7 @@ static DecodeStatus _Thumb_getInstruction(cs_struct *ud, MCInst *MI, const uint8
// Nested IT blocks are UNPREDICTABLE. Must be checked before we add // Nested IT blocks are UNPREDICTABLE. Must be checked before we add
// the Thumb predicate. // the Thumb predicate.
if (MCInst_getOpcode(MI) == ARM_t2IT && ITStatus_instrInITBlock(&(ud->ITBlock))) if (MCInst_getOpcode(MI) == ARM_t2IT && ITStatus_instrInITBlock(&(ud->ITBlock)))
result = MCDisassembler_SoftFail; return MCDisassembler_SoftFail;
Check(&result, AddThumbPredicate(ud, MI)); Check(&result, AddThumbPredicate(ud, MI));
// If we find an IT instruction, we need to parse its condition // If we find an IT instruction, we need to parse its condition