| commit | 9b05974022da69c12b8b190c6ad100402771e5ad | |
| author | Cyrill Gorcunov <gorcunov@gmail.com> | |
| Sun, 14 Dec 2014 19:44:54 +0000 (14 22:44 +0300) | ||
| committer | Cyrill Gorcunov <gorcunov@gmail.com> | |
| Sun, 14 Dec 2014 19:44:54 +0000 (14 22:44 +0300) | ||
| tree | f9f6fa0a0f853c4d6bd138e18c940b76c326dd1a | treesnapshot (tar.gz zip) |
| parent | 1cccb1e8d5618f054b509b6eaf9e1cee13985bc7 | commitdiff |
ndisasm: Prevent nil dereference on registerd decoding
The sequence | 0x0F 0x1B 0x75 | get matched into
one of BNDx instruction which register value 6
which is of course out of possible BND registers
implemented in hardware at the moment leading to
nil dereference.
Instead lets use a macro in whichreg() helper
which would test the registers bounds and force
the caller to try another template if register is
out of range. In the case above it simply means
ndisasm instead of crashing outputs
| 00000000 0F db 0x0f
| 00000001 1B db 0x1b
| 00000002 75 db 0x75
http://bugzilla.nasm.us/show_bug.cgi?id=3392289
Reported-by: Hanno Boeck <hanno@hboeck.de>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
The sequence | 0x0F 0x1B 0x75 | get matched into
one of BNDx instruction which register value 6
which is of course out of possible BND registers
implemented in hardware at the moment leading to
nil dereference.
Instead lets use a macro in whichreg() helper
which would test the registers bounds and force
the caller to try another template if register is
out of range. In the case above it simply means
ndisasm instead of crashing outputs
| 00000000 0F db 0x0f
| 00000001 1B db 0x1b
| 00000002 75 db 0x75
http://bugzilla.nasm.us/show_bug.cgi?id=3392289
Reported-by: Hanno Boeck <hanno@hboeck.de>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
| disasm.c | diffblobblamehistory |