capstone-engine / capstone

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

Home Page: http://www.capstone-engine.org


Capstone Next Bug in code. modRMRequired has an invalid index read

trile127 opened this issue · comments

Work environment

| Questions | Answers |
|---|---|
| OS/arch/bits | Ubuntu 22.04 64 Bit |
| Architecture | x86 |
| Source of Capstone | git clone |
| Version/git commit | next, fe60b13 |

Expected behavior

No error or segfault.

Actual behavior

Using Valgrind for information:

```
==312219== Invalid read of size 1
==312219== at 0x120CFC: modRMRequired (X86DisassemblerDecoder.c:139)
==312219== by 0x120CFC: getIDWithAttrMask (X86DisassemblerDecoder.c:910)
==312219== by 0x121946: getID (X86DisassemblerDecoder.c:1221)
==312219== by 0x121946: decodeInstruction (X86DisassemblerDecoder.c:2337)
==312219== by 0x1192E7: X86_getInstruction (X86Disassembler.c:982)
==312219== by 0x117950: cs_disasm_iter (cs.c:1408)
==312219== by 0x110DF5: disassemble_symbol_funcs (main.c:711)
==312219== by 0x1122AF: main (main.c:1126)
==312219== Address 0x19 is not stack'd, malloc'd or (recently) free'd
```

Ends with a segfault

Steps to reproduce the behavior

Run cs_disasm on the /usr/bin/Xephyr ".text" section and it will crash after a while.


I take the .text section and just read it in byte by byte; it will error out over time. I've tried cs_disasm_iter and cs_disasm, reading in chunks of 4096 at a time.

```c
cs_insn *insn = cs_malloc(handle);
fflush(stdout);
/* cs_disasm_iter advances chunk_ptr, bytesRead and the address (sym->st_value) itself */
while (cs_disasm_iter(handle, &chunk_ptr, &bytesRead, &(sym->st_value), insn)) {
    offset += insn->size;
    printf("0x%" PRIx64 ": %s %s, insns bytes: ", insn->address, insn->mnemonic, insn->op_str);

    /* dump the raw instruction bytes that were decoded */
    for (int i = 0; i < insn->size; i++) {
        printf("%02x ", insn->bytes[i]);
    }

    printf("\n");
}
cs_free(insn, 1); /* release the buffer obtained from cs_malloc */
```

Also, this errors for v5 as well.
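The Valgrind trace in this report shows the general defect class behind the crash: a decode-table index derived from input bytes is used without a range check, so the lookup reads outside its array (here ending up at address 0x19). The C program below is an added illustration and is not Capstone's code or its real tables; everything in it is a constructed model (the `decode_table` layout, the 0xF0 prefix convention that selects a context, and the `modrm_required_unchecked`, `modrm_required_checked`, `decode_one`, `walk_buffer` and `fuzz_rounds` functions are all assumptions). It places the unchecked lookup beside a bounds-checked one and runs a deterministic fuzz loop over 4096-byte chunks, mirroring the reporter's chunked walk, to show that the checked path rejects malformed input instead of indexing past the table.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical two-level decode table, constructed for this example
 * (not Capstone's tables). A decoder first picks a "context" from prefix
 * bytes, then looks up the opcode in that context's row to learn whether a
 * ModR/M byte follows. */
#define NUM_CONTEXTS 4
#define NUM_OPCODES  256

enum { NO_MODRM = 0, HAS_MODRM = 1 };

static uint8_t decode_table[NUM_CONTEXTS][NUM_OPCODES];

/* Fill the constructed table: every odd opcode takes a ModR/M byte. */
static void init_decode_table(void) {
    for (int c = 0; c < NUM_CONTEXTS; c++)
        for (int op = 0; op < NUM_OPCODES; op++)
            decode_table[c][op] = (uint8_t)((op & 1) ? HAS_MODRM : NO_MODRM);
}

/* Defect class from the report: the context index comes straight from the
 * input. Any ctx >= NUM_CONTEXTS reads past the table (undefined behaviour). */
static int modrm_required_unchecked(unsigned ctx, uint8_t opcode) {
    return decode_table[ctx][opcode];
}

/* Hardened form: validate the index before indexing; -1 means "reject input". */
static int modrm_required_checked(unsigned ctx, uint8_t opcode) {
    if (ctx >= NUM_CONTEXTS) return -1;
    return decode_table[ctx][opcode];
}

/* Toy instruction format (constructed): zero or more 0xF0 prefix bytes, each
 * bumping the context, then one opcode byte, then an optional ModR/M byte.
 * Returns bytes consumed, or 0 if the input is malformed or truncated. */
static size_t decode_one(const uint8_t *buf, size_t len) {
    size_t pos = 0;
    unsigned ctx = 0;
    while (pos < len && buf[pos] == 0xF0) { ctx++; pos++; }
    if (pos >= len) return 0;                      /* truncated: no opcode byte */
    int need_modrm = modrm_required_checked(ctx, buf[pos]);
    if (need_modrm < 0) return 0;                  /* too many prefixes: reject */
    pos++;
    if (need_modrm == HAS_MODRM) {
        if (pos >= len) return 0;                  /* truncated: ModR/M missing */
        pos++;
    }
    return pos;
}

/* Walk a buffer the way a chunked disassembly loop does; on a rejected
 * position skip one byte so the walk always terminates. Returns the number of
 * rejected positions so the caller can see how much of the input was bad. */
static size_t walk_buffer(const uint8_t *buf, size_t len) {
    size_t rejected = 0, pos = 0;
    while (pos < len) {
        size_t n = decode_one(buf + pos, len - pos);
        if (n == 0) { rejected++; pos++; } else { pos += n; }
    }
    return rejected;
}

/* Cheap fuzz driver: deterministic LCG bytes, `rounds` chunks of `chunk`
 * bytes each. Returns the rounds completed; the point is that the checked
 * lookup never indexes out of range no matter what bytes arrive. */
static int fuzz_rounds(uint32_t seed, int rounds, size_t chunk) {
    uint8_t buf[4096];
    if (chunk > sizeof buf) chunk = sizeof buf;
    for (int r = 0; r < rounds; r++) {
        for (size_t i = 0; i < chunk; i++) {
            seed = seed * 1664525u + 1013904223u;
            buf[i] = (uint8_t)(seed >> 24);
        }
        walk_buffer(buf, chunk);
    }
    return rounds;
}

int main(void) {
    init_decode_table();
    /* Constructed input: five prefixes push ctx to 5, past NUM_CONTEXTS. */
    const uint8_t bad[] = {0xF0, 0xF0, 0xF0, 0xF0, 0xF0, 0x01, 0x00};
    printf("in-range lookup (ctx 0, opcode 1): %d\n", modrm_required_unchecked(0, 1));
    printf("rejected positions in bad input: %zu\n", walk_buffer(bad, sizeof bad));
    printf("fuzz rounds completed: %d\n", fuzz_rounds(1u, 1000, 4096));
    return 0;
}
```

On the constructed `bad` input the walk rejects the first two positions (five and then four prefixes both exceed the table) and then decodes the remaining three prefixes, opcode 0x01 and its ModR/M byte as one instruction; the unchecked variant is only ever called with an in-range context here, since calling it with ctx 5 is exactly the out-of-bounds read the report describes.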