File: 716481

package info (click to toggle)
libdisasm 0.23-7
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,648 kB
  • sloc: sh: 9,096; ansic: 7,970; perl: 1,915; asm: 694; makefile: 133; ruby: 3
file content (38 lines) | stat: -rw-r--r-- 1,037 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
From: =?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Fri, 31 Jan 2025 12:29:24 +0100
Subject: Limit ranges to INT_MAX (they're stored in an int later),
 else x86dis rMAAAAAAAA 0x -5 segfaults (Closes: #716481)

---
 x86dis/x86dis.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/x86dis/x86dis.c b/x86dis/x86dis.c
index 0bc4e83..2cfe032 100644
--- a/x86dis/x86dis.c
+++ b/x86dis/x86dis.c
@@ -20,6 +20,7 @@
 #include <fcntl.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include <stdio.h>
 #include <sys/mman.h>
 #include <sys/stat.h>
@@ -712,10 +713,13 @@ int main( int argc, char **argv ) {
 				x+=2;
 				if ( x < argc ) {
 					off = strtoul( argv[x-1], NULL, 0 );
-					len = (unsigned int) 
+					len = (unsigned int)
 					      strtoul(argv[x], NULL, 0);
-					add_request( req_range, off, 
-						     len );
+					if ( len >= INT_MAX )
+						error = 1;
+					else
+						add_request( req_range, off,
+							     len );
 				} else {
 					error = 1;
 				}