Fix UAF in aaft (tests_64923) ##crash
Reported by giantbranch of NSFOCUS TIANJI Lab
trufae committed Oct 30, 2021
1 parent 49b0ceb commit 6544881
Showing 1 changed file with 5 additions and 3 deletions.
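--- a/libr/core/anal_tp.c
+++ b/libr/core/anal_tp.c
@@ -504,11 +504,12 @@ R_API void r_core_anal_type_match(RCore *core, RAnalFunction *fcn) {
 char prev_type[256] = {0};
 const char *prev_dest = NULL;
 char *ret_reg = NULL;
-const char *pc = r_reg_get_name (core->dbg->reg, R_REG_NAME_PC);
-if (!pc) {
-free (buf);
+const char *_pc = r_reg_get_name (core->dbg->reg, R_REG_NAME_PC);
+if (!_pc) {
+free (buf);
 return;
 }
+char *pc = strdup (_pc);
 RRegItem *r = r_reg_get (core->dbg->reg, pc, -1);
 if (!r) {
 free (buf);
@@ -778,4 +779,5 @@ R_API void r_core_anal_type_match(RCore *core, RAnalFunction *fcn) {
 free (buf);
 r_cons_break_pop();
 anal_emul_restore (core, hc, dt, et);
+free (pc);
 }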
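Review bot: The `if (!r) {` branch at the end of the first hunk frees `buf` but not the new `pc` copy, so if that branch returns (its body continues past the hunk) the `strdup` result leaks; the only `free (pc);` added is at the function's tail. Adding `free (pc);` beside that `free (buf);` would close it, and any other early return between the two hunks, which are not visible here, needs the same. The `strdup` result is also passed to `r_reg_get` unchecked; `if (!pc) { free (buf); return; }` right after the copy would handle allocation failure. A short comment on the copy, e.g. `// keep an owned copy: the name from r_reg_get_name may not stay valid for the whole function`, would record why the duplicate exists; that reason is inferred from the commit title, not shown in the hunk.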
