From a0d0e565b0a0a7740379f2c67e2254a6759307ee Mon Sep 17 00:00:00 2001
From: wargio
Date: Mon, 22 Aug 2022 19:43:53 +0200
Subject: [PATCH] fix #2962 - oob read in bin.c
---
 librz/bin/bin.c | 10 +++++++---
 librz/demangler/demangler.c | 2 +-
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/librz/bin/bin.c b/librz/bin/bin.c
index 734df386757..0188d9f280b 100644
--- a/librz/bin/bin.c
+++ b/librz/bin/bin.c
@@ -1382,8 +1382,8 @@ RZ_API RZ_OWN char *rz_bin_demangle(RZ_NULLABLE RzBinFile *bf, RZ_NULLABLE const
 if (!found) {
 lib = NULL;
 }
- size_t len = strlen(bin->file);
- if (!rz_str_ncasecmp(symbol, bin->file, len)) {
+ size_t len = bin ? strlen(bin->file) : 0;
+ if (bin && len > 0 && !rz_str_ncasecmp(symbol, bin->file, len)) {
 lib = bin->file;
 symbol += len;
 if (*symbol == '_') {
@@ -1432,7 +1432,11 @@ RZ_API RZ_OWN char *rz_bin_demangle(RZ_NULLABLE RzBinFile *bf, RZ_NULLABLE const
 case RZ_BIN_LANGUAGE_RUST: demangled = NULL; break;
 case RZ_BIN_LANGUAGE_CXX: demangled = NULL; break;
 #endif
- default: rz_demangler_resolve(bin->demangler, symbol, language, &demangled);
+ default:
+ if (bin) {
+ rz_demangler_resolve(bin->demangler, symbol, language, &demangled);
+ }
+ break;
 }
 if (libs && demangled && lib) {
 char *d = rz_str_newf("%s_%s", lib, demangled);
diff --git a/librz/demangler/demangler.c b/librz/demangler/demangler.c
index 7b485d11f82..c08d967bd88 100644
--- a/librz/demangler/demangler.c
+++ b/librz/demangler/demangler.c
@@ -185,7 +185,7 @@ RZ_API RZ_BORROW const RzDemanglerPlugin *rz_demangler_plugin_get(RZ_NONNULL RzD
 * This function fails only when the requested language is not available.
 */
 RZ_API bool rz_demangler_resolve(RZ_NONNULL RzDemangler *dem, RZ_NULLABLE const char *symbol, RZ_NONNULL const char *language, RZ_NONNULL RZ_OWN char **output) {
- rz_return_val_if_fail(language && dem->plugins && output, false);
+ rz_return_val_if_fail(language && dem && dem->plugins && output, false);
 if (RZ_STR_ISEMPTY(symbol)) {
 *output = NULL;
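Review bot: In the first bin.c hunk, `strlen(bin->file)` still runs whenever `bin` is non-NULL, so a NULL `bin->file` would be dereferenced; nothing visible in the hunk guarantees that field is set. Guarding both in the length computation, `size_t len = (bin && bin->file) ? strlen(bin->file) : 0;`, closes that gap. It also makes the `bin &&` in the next condition redundant, since `len > 0` already implies it: `if (len > 0 && !rz_str_ncasecmp(symbol, bin->file, len)) {`. rz_bin_demangle starts and ends outside the hunk, so how `bin` and `bin->file` are populated should be confirmed against the rest of the function.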
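Review bot: In the second bin.c hunk, the new `default:` branch does nothing when `bin` is NULL and still discards the return value of `rz_demangler_resolve`, so `demangled` keeps whatever it held before the `switch`. Its declaration is outside the hunk; if it is not initialised to NULL there, the `if (libs && demangled && lib)` test right after the switch would read an indeterminate pointer, so that initialisation is worth confirming. A short comment on the branch would also help, for example `/* no RzBin (bf may be NULL): no demangler to ask, demangled stays NULL */`. This is the second NULL check on `bin` added in this function, which suggests handling the missing-`bin` case once near the point where `bin` is obtained.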