Skip to content
Permalink
Browse files

Python 3 fixes for string/bytes comparisons (#1426)

  • Loading branch information
kazkansouh committed Feb 8, 2020
1 parent f3b492d commit ed3c30aed344bd520fd57f5853bcf850e97ccb3e
Showing with 5 additions and 3 deletions.
  1. +5 −3 pwnlib/dynelf.py
@@ -292,7 +292,7 @@ def _find_base(self, ptr):
w = None

while True:
if self.leak.compare(ptr, '\x7fELF'):
if self.leak.compare(ptr, b'\x7fELF'):
break

# See if we can short circuit the search
@@ -641,7 +641,7 @@ def _dynamic_load_dynelf(self, libname):
p_name = leak.field(cur, LinkMap.l_name)
name = leak.s(p_name)

if libname in name:
if libname.encode('utf-8') in name:
break

if name:
@@ -740,6 +740,7 @@ def _resolve_symbol_sysv(self, libbase, symb, hshtab, strtab, symtab):

# Leak the name of the function from the symbol table
name = leak.s(strtab + leak.field(sym, Sym.st_name))
name = name.decode('utf-8')

# Make sure it matches the name of the symbol we were looking for.
if name == symb:
@@ -823,6 +824,7 @@ def _resolve_symbol_gnu(self, libbase, symb, hshtab, strtab, symtab):
# Check for collision on hash values
sym = symtab + sizeof(Sym) * (ndx + i)
name = leak.s(strtab + leak.field(sym, Sym.st_name))
name = name.decode('utf-8')

if name == symb:
# No collision, get offset and calculate address
@@ -854,7 +856,7 @@ def _lookup_build_id(self, lib = None):

for offset in libcdb.get_build_id_offsets():
address = libbase + offset
if self.leak.compare(address + 0xC, "GNU\x00"):
if self.leak.compare(address + 0xC, b"GNU\x00"):
return enhex(b''.join(self.leak.raw(address + 0x10, 20)))
else:
self.status("Build ID not found at offset %#x" % offset)

0 comments on commit ed3c30a

Please sign in to comment.
You can’t perform that action at this time.