Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix #12417/#12418 (arm assembler heap overflows)
  • Loading branch information
devnexen authored and radare committed Dec 10, 2018
1 parent db18c78 commit e5c14c1
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion libr/asm/arch/arm/armass.c
Expand Up @@ -6545,7 +6545,7 @@ ut32 armass_assemble(const char *str, ut64 off, int thumb) {
int i, j;
char buf[128];
ArmOpcode aop = {.off = off};
for (i = j = 0; i < sizeof (buf) - 1 && str[i]; i++, j++) {
for (i = j = 0; i < sizeof (buf) - 1 && str[j]; i++, j++) {
if (str[j] == '#') {
i--; continue;
}
Expand Down
2 changes: 1 addition & 1 deletion libr/asm/arch/arm/armass64.c
Expand Up @@ -756,7 +756,7 @@ static bool parseOperands(char* str, ArmOp *op) {
} else if (!strncmp (token, "asr", 3)) {
op->operands[operand].shift = ARM_ASR;
}
if (op->operands[operand].shift != ARM_NO_SHIFT) {
if (strlen (token) > 4 && op->operands[operand].shift != ARM_NO_SHIFT) {
op->operands_count ++;
op->operands[operand].shift_amount = r_num_math (NULL, token + 4);
if (op->operands[operand].shift_amount > 63) {
Expand Down

0 comments on commit e5c14c1

Please sign in to comment.