Segfault in src/search_gadgets.c:38

[JonathanSalwan]

Segault reported by Bartlomiej

$ file ./ROPgadget
./ROPgadget: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
for GNU/Linux 2.6.15, dynamically linked (uses shared libs), not stripped

[maciek@SN4-WR1-wcss ~]$ ./ROPgadget /lib64/libc.so.6
Gadgets information
============================================================
Segmentation fault (core dumped)

Core was generated by `./ROPgadget /lib64/libc.so.6'.
Program terminated with signal 11, Segmentation fault.
#0  0x004c4233 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x004c4233 in strlen () from /lib/libc.so.6
#1  0x00495064 in vfprintf () from /lib/libc.so.6
#2  0x00495902 in buffered_vfprintf () from /lib/libc.so.6
#3  0x0049136d in vfprintf () from /lib/libc.so.6
#4  0x0053b9cb in __fprintf_chk () from /lib/libc.so.6
#5  0x0804a16d in fprintf (bin=0x990b008, gadgets=0x807e960,
NbGadFound=0xff8e04dc, NbTotalGadFound=0xff8e04d8) at
/usr/include/bits/stdio2.h:98
#6  check_gadget (bin=0x990b008, gadgets=0x807e960,
NbGadFound=0xff8e04dc, NbTotalGadFound=0xff8e04d8) at
src/search_gadgets.c:38
#7  find_all_gadgets (bin=0x990b008, gadgets=0x807e960,
NbGadFound=0xff8e04dc, NbTotalGadFound=0xff8e04d8) at
src/search_gadgets.c:125
#8  0x0804a47d in search_gadgets (bin=0x990b008) at src/search_gadgets.c:150
#9  0x08049489 in main (argc=2, argv=0xff8e05d4) at src/main.c:234

So it segfaults when 32-bit version run against 64-bit binary.

[allanlw]

I pushed a fix for this so it would use the right format string.