
Fix crash in CorelliumAdapter::BreakInto when m_rspConnector is null #1073

Merged
xusheng6 merged 1 commit into dev from fix-corellium-breakinto-null-check on May 13, 2026

Conversation

@xusheng6 (Member) commented May 13, 2026

Summary

  • Adds the same !m_isTargetRunning || !m_rspConnector guard to CorelliumAdapter::BreakInto that GdbAdapter::BreakInto already has, preventing a null-pointer dereference in RspConnector::SendRaw.
  • Resolves the Sentry-reported crash EXCEPTION_ACCESS_VIOLATION_READ / 0x50 at rspconnector.cpp:223 reached via CorelliumAdapter::BreakInto.

Fixes #1066
Fixes BINARYNINJA-3X

Sentry context

  • 23 events since 2026-04-15 across many distinct users (Belgium, Saudi Arabia, US, Vietnam, France, China, macOS once)
  • 22/23 events on Free edition, 1 on Personal, none on Commercial/Enterprise
  • 22/23 on Windows (heavily Windows 11 25H2 / build 26200), 1 on macOS
  • All on binaryninja@5.3.9434
  • Likely scenario: users pick "Corellium" from the adapter dropdown without ever connecting, then click Pause — m_rspConnector is still null and the unconditional SendRaw crashes. The 0x50 faulting address is consistent with a null this deref reading a field at offset 0x50 inside RspConnector.

Test plan

  • Build the debugger and confirm Corellium adapter still attaches/breaks normally on a live target.
  • Select the Corellium adapter without connecting, click Pause, confirm no crash (previously crashed, now should just no-op).

🤖 Generated with Claude Code

Mirror the null check that GdbAdapter::BreakInto already performs to
avoid dereferencing m_rspConnector before the adapter is fully connected
or after it has been torn down.

Fixes #1066

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
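The crash scenario from the PR description and the commit message, modelled as an added C++ example that is not the Binary Ninja debugger's own code: a stand-in RspConnector whose SendRaw reads a field at offset 0x50, an adapter that owns the connector through a pointer, and BreakInto both without and with the guard the PR adds. The class and member names follow the PR text; the field layout, the unique_ptr ownership, the bool return values, the Connect/Resume/Disconnect helpers and the 0x03 interrupt byte (the conventional RSP break-in byte, not something the page shows) are assumptions made for this example.

```cpp
// Added example, not the Binary Ninja debugger's code. Models the null
// m_rspConnector crash in CorelliumAdapter::BreakInto and the fix.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <memory>
#include <string>

// Stand-in for RspConnector. Assumed layout: 0x50 bytes of other state ahead
// of the handle SendRaw reads, so a null `this` faults at address 0x50, the
// same faulting address the PR reports from Sentry.
class RspConnector {
public:
    uint8_t m_state[0x50] = {};
    int m_socket = 7;          // assumed stand-in for the real socket handle
    size_t m_packetsSent = 0;

    bool SendRaw(const std::string& raw) {
        // With this == nullptr this read is *(int*)0x50: the reported crash.
        if (m_socket < 0 || raw.empty()) return false;
        ++m_packetsSent;
        return true;
    }
};

class CorelliumAdapter {
public:
    bool m_isTargetRunning = false;
    std::unique_ptr<RspConnector> m_rspConnector;   // null until Connect()

    void Connect()    { m_rspConnector = std::make_unique<RspConnector>(); }
    void Resume()     { m_isTargetRunning = true; }
    void Disconnect() { m_isTargetRunning = false; m_rspConnector.reset(); }

    // Before the fix, as the PR describes it: SendRaw is called unconditionally,
    // so a Pause with no connection dereferences null. Never call this with a
    // null connector; it is here only to show the shape of the bug.
    bool BreakIntoUnguarded() {
        return m_rspConnector->SendRaw("\x03");   // assumed interrupt byte
    }

    // After the fix: the same guard GdbAdapter::BreakInto already has. Not
    // running, or no connector (never connected, or torn down): no-op.
    bool BreakInto() {
        if (!m_isTargetRunning || !m_rspConnector)
            return false;
        return m_rspConnector->SendRaw("\x03");
    }
};

// Address a null-`this` read of m_socket lands on in this model.
size_t NullThisFaultAddress() { return offsetof(RspConnector, m_socket); }

// PR scenario: adapter picked from the dropdown, never connected, Pause clicked.
bool PauseWithoutConnectIsNoOp() {
    CorelliumAdapter a;
    return a.BreakInto() == false;   // guarded version returns instead of crashing
}

// Normal path: the guard must not change behaviour on a live, running target.
bool BreakIntoOnLiveTargetSends() {
    CorelliumAdapter a;
    a.Connect();
    a.Resume();
    bool guarded = a.BreakInto();
    bool unguarded = a.BreakIntoUnguarded();   // safe here: connector is non-null
    return guarded && unguarded && a.m_rspConnector->m_packetsSent == 2;
}

// Connected but stopped: nothing to interrupt, so no packet goes out.
bool BreakIntoWhileStoppedIsNoOp() {
    CorelliumAdapter a;
    a.Connect();
    return !a.BreakInto() && a.m_rspConnector->m_packetsSent == 0;
}

// Torn down after use: the connector is null again and the guard covers it.
bool BreakIntoAfterTeardownIsNoOp() {
    CorelliumAdapter a;
    a.Connect();
    a.Resume();
    a.Disconnect();
    return !a.BreakInto();
}

int main() {
    std::printf("null-this fault address: 0x%zx\n", NullThisFaultAddress());
    std::printf("pause without connect no-op: %d\n", PauseWithoutConnectIsNoOp());
    std::printf("live target sends: %d\n", BreakIntoOnLiveTargetSends());
    std::printf("stopped target no-op: %d\n", BreakIntoWhileStoppedIsNoOp());
    std::printf("after teardown no-op: %d\n", BreakIntoAfterTeardownIsNoOp());
    return 0;
}
```

The four scenario functions are the PR's test plan in code form: the second and fourth correspond to "select the adapter without connecting, click Pause" and to the "torn down" case in the commit message, and the third confirms the guard is a pure addition on the live path. offsetof is what turns the Sentry faulting address into a field: in a real crash you would compare 0x50 against the class layout of RspConnector rather than this stand-in.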
@xusheng6 xusheng6 added this to the Jotunheim Release 2 milestone May 13, 2026
@xusheng6 xusheng6 merged commit ffcb348 into dev May 13, 2026
1 check passed
@xusheng6 xusheng6 deleted the fix-corellium-breakinto-null-check branch May 13, 2026 21:36
@xusheng6 xusheng6 self-assigned this May 14, 2026


Linked issue

Crash inside BinaryNinjaDebugger::RspConnector::SendRaw
