Fix UAF in aaef ##crash
* Reported by @hdthky
* Reproducer: uaf-aef
* BountyID: e98ad92c-3a64-48fb-84d4-d13afdbcbdd7
trufae committed Apr 8, 2022
1 parent 6d5628c commit 64a82e2
Showing 1 changed file with 4 additions and 4 deletions.
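--- a/libr/core/canal.c
+++ b/libr/core/canal.c
@@ -5295,10 +5295,6 @@ R_API void r_core_anal_esil(RCore *core, const char *str, const char *target) {
 arch = R2_ARCH_MIPS;
 }
 
-const char *sn = r_reg_get_name (core->anal->reg, R_REG_NAME_SN);
-if (!sn) {
-eprintf ("Warning: No SN reg alias for current architecture.\n");
-}
 r_reg_arena_push (core->anal->reg);
 
 IterCtx ictx = { start, end, fcn, NULL };
@@ -5409,6 +5405,10 @@ R_API void r_core_anal_esil(RCore *core, const char *str, const char *target) {
 goto repeat;
 }
 }
+const char *sn = r_reg_get_name (core->anal->reg, R_REG_NAME_SN);
+if (!sn) {
+eprintf ("Warning: No SN reg alias for current architecture.\n");
+}
 if (sn && op.type == R_ANAL_OP_TYPE_SWI) {
 r_strf_buffer (64);
 r_flag_space_set (core->flags, R_FLAGS_FS_SYSCALLS);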
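Review bot: The `No SN reg alias` warning now sits next to the per-operation `op.type` check after the `goto repeat` block, so if this path runs once per analysed instruction (the loop itself is outside the hunk) an architecture without an SN alias would print it on every pass instead of once. Limiting it to the case where the alias is actually needed, `if (!sn && op.type == R_ANAL_OP_TYPE_SWI) {`, keeps the diagnostic without flooding stderr. The fix appears to depend on `sn` being fetched immediately before use rather than held across the emulation steps, so a comment above the lookup such as `/* resolve SN here, not before the loop: a pointer cached earlier was used after free */` would stop a later cleanup from hoisting it back. r_core_anal_esil starts and ends outside both hunks.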
