Commit 1e553444 authored by PoroCYon's avatar PoroCYon Committed by PoroCYon

fix crash when a hash's LSbyte is 0

parent 237ba991
...@@ -121,42 +121,46 @@ def main(): ...@@ -121,42 +121,46 @@ def main():
# if the next libname/first byte of the hash is null, the table has # if the next libname/first byte of the hash is null, the table has
# come to an end. # come to an end.
j = poff if is32bit:
strtaboff = 0 j = poff
while j < poff + pfsz: strtaboff = 0
tag, j = (readint(blob, j) if is32bit else readlong(blob, j)) while j < poff + pfsz:
ptr, j = (readint(blob, j) if is32bit else readlong(blob, j)) tag, j = readint(blob, j)
ptr, j = readint(blob, j)
if tag == 5: # DT_STRTAB
strtaboff = ptr if tag == 5: # DT_STRTAB
elif tag == 1: # DT_NEEDED strtaboff = ptr
bakoff = j elif tag == 1: # DT_NEEDED
bakoff = j
smoltaboff = strtaboff + ptr - (pva - poff)
j = smoltaboff smoltaboff = strtaboff + ptr - (pva - poff)
j = smoltaboff
libname, j = readstr(blob, j)
if len(libname) == 0: libname, j = readstr(blob, j)
break if len(libname) == 0:
break
sys.stdout.write("* " + libname) sys.stdout.write("* " + libname)
libs = list(find_libs((32 if is32bit else 64), deflibs, libname)) libs = list(find_libs(32, deflibs, libname))
print(" -> NOT FOUND" if len(libs) == 0 else (" -> " + libs[0])) print(" -> NOT FOUND" if len(libs) == 0 else (" -> " + libs[0]))
ht = dict({}) if len(libs) == 0 else build_hashtab(args.scanelf, libs[0]) ht = dict({}) if len(libs) == 0 else build_hashtab(args.scanelf, libs[0])
while True: while True:
hashv, j = (readint(blob, j) if is32bit else readlong(blob, j)) hashv, j = readint(blob, j)
if (hashv & 0xFF) == 0: if (hashv & 0xFF) == 0:
break break
sys.stdout.write(" * " + hex(hashv)) sys.stdout.write(" * " + hex(hashv))
print(" -> NOT FOUND" if hashv not in ht else (" -> " + ht[hashv])) print(" -> NOT FOUND" if hashv not in ht else (" -> " + ht[hashv]))
j = bakoff j = bakoff
break break
else: # 64-bit
eprintf("Currently unsuppored, sorry.")
sys.exit(1)
if __name__ == '__main__': if __name__ == '__main__':
main() main()
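Review bot: The inner `while True:` loop of the 32-bit branch still ends the hash list on `(hashv & 0xFF) == 0`, the low-byte condition named in the commit title, so a table holding a hash whose least significant byte is zero is dumped only up to that entry. If the 32-bit loader tests a wider terminator (not visible in this hunk), the dumper should test the same width, and a comment such as `# must match the terminator check in the 32-bit loader` would keep the two in step. Neither that loop nor the `smoltaboff` offset computed from file fields is bounded by `len(blob)`, so a truncated or malformed input runs the reads past the end of the buffer; `while j + 4 <= len(blob):` (assuming `readint` consumes four bytes) gives a clean stop. The new `else` message misspells `unsupported` as `unsuppored`. `main()` starts outside the hunk.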
......
...@@ -129,7 +129,7 @@ repne scasd ; technically, scasq should be used, but ehhhh ...@@ -129,7 +129,7 @@ repne scasd ; technically, scasq should be used, but ehhhh
; *phash = finaladdr ; *phash = finaladdr
stosq stosq
cmp byte [rdi], 0 cmp word [rdi], 0
jne short .next_hash jne short .next_hash
; } while (1) ; } while (1)
; jmp short .next_hash ; jmp short .next_hash
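Review bot: `cmp word [rdi], 0` narrows the early-exit case but does not remove it: an entry whose low 16 bits are zero still ends the `.next_hash` loop before the table is finished. If the table generator writes at least four zero bytes after the last entry (not visible here), `cmp dword [rdi], 0` would test a full 32 bits and also drops the operand-size prefix that the word form needs in 64-bit mode. Whichever width is kept, a comment like `; terminator: next entry's low word is zero, so the generator must never emit such a hash` would record the constraint the tooling has to enforce. The loop body starts outside the hunk.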
......