From 90a485a71067fa1a3e54f9ee87a8ff2618f3e3dd Mon Sep 17 00:00:00 2001 From: wargio Date: Mon, 22 Aug 2022 18:39:02 +0200 Subject: [PATCH] fix #2954 - oob read in dex.c --- librz/bin/format/dex/dex.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/librz/bin/format/dex/dex.c b/librz/bin/format/dex/dex.c index a42dbfccc49..576e1423a61 100644 --- a/librz/bin/format/dex/dex.c +++ b/librz/bin/format/dex/dex.c @@ -816,6 +816,9 @@ static char *dex_resolve_proto_id(RzBinDex *dex, const char *name, ut32 proto_id rz_strbuf_append(sb, "("); for (ut32 i = 0; i < proto_id->type_list_size; ++i) { ut32 type_idx = proto_id->type_list[i]; + if (type_idx >= dex->type_ids_size) { + continue; + } const DexString *param = dex_resolve_string_id_native(dex, dex->types[type_idx]); if (!param) {