fix crash when a hash's LSbyte is 0

1e553444 · PoroCYon · PoroCYon · 237ba991 · 1e553444 · 1e553444
Commit 1e553444 authored Mar 06, 2019 by PoroCYon Committed by PoroCYon Mar 06, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 34 additions and 30 deletions

smoldd.py smoldd.py +33 -29

src/loader64.asm src/loader64.asm +1 -1

No files found.
--- a/smoldd.py
+++ b/smoldd.py
@@ -121,42 +121,46 @@ def main():
        # if the next libname/first byte of the hash is null, the table has
        # come to an end.

-        j = poff
-        strtaboff = 0
-        while j < poff + pfsz:
-            tag, j = (readint(blob, j) if is32bit else readlong(blob, j))
-            ptr, j = (readint(blob, j) if is32bit else readlong(blob, j))
-
-            if tag == 5: # DT_STRTAB
-                strtaboff = ptr
-            elif tag == 1: # DT_NEEDED
-                bakoff = j
-
-                smoltaboff = strtaboff + ptr - (pva - poff)
-                j = smoltaboff
-
-                libname, j = readstr(blob, j)
-                if len(libname) == 0:
-                    break
+        if is32bit:
+            j = poff
+            strtaboff = 0
+            while j < poff + pfsz:
+                tag, j = readint(blob, j)
+                ptr, j = readint(blob, j)
+
+                if tag == 5: # DT_STRTAB
+                    strtaboff = ptr
+                elif tag == 1: # DT_NEEDED
+                    bakoff = j
+
+                    smoltaboff = strtaboff + ptr - (pva - poff)
+                    j = smoltaboff
+
+                    libname, j = readstr(blob, j)
+                    if len(libname) == 0:
+                        break

-                sys.stdout.write("* " + libname)
+                    sys.stdout.write("* " + libname)

-                libs = list(find_libs((32 if is32bit else 64), deflibs, libname))
-                print(" -> NOT FOUND" if len(libs) == 0 else (" -> " + libs[0]))
-                ht = dict({}) if len(libs) == 0 else build_hashtab(args.scanelf, libs[0])
+                    libs = list(find_libs(32, deflibs, libname))
+                    print(" -> NOT FOUND" if len(libs) == 0 else (" -> " + libs[0]))
+                    ht = dict({}) if len(libs) == 0 else build_hashtab(args.scanelf, libs[0])

-                while True:
-                    hashv, j = (readint(blob, j) if is32bit else readlong(blob, j))
+                    while True:
+                        hashv, j = readint(blob, j)

-                    if (hashv & 0xFF) == 0:
-                        break
+                        if (hashv & 0xFF) == 0:
+                            break

-                    sys.stdout.write("  * " + hex(hashv))
-                    print(" -> NOT FOUND" if hashv not in ht else (" -> " + ht[hashv]))
+                        sys.stdout.write("  * " + hex(hashv))
+                        print(" -> NOT FOUND" if hashv not in ht else (" -> " + ht[hashv]))

-                j = bakoff
+                    j = bakoff

-        break
+            break
+        else: # 64-bit
+            eprintf("Currently unsuppored, sorry.")
+            sys.exit(1)

 if __name__ == '__main__':
    main()

--- a/src/loader64.asm
+++ b/src/loader64.asm
@@ -129,7 +129,7 @@ repne scasd ; technically, scasq should be used, but ehhhh

                ; *phash = finaladdr
          stosq
-            cmp byte [rdi], 0
+            cmp word [rdi], 0
            jne short .next_hash
            ; } while (1)
 ;       jmp short .next_hash