
Fixed some unsafe code (#1647)

* Fix underflow of commandLine variable. (memset)

* Fix for integer inconsistencies

* fix for possible overflow at line 1841 of debugger.cpp. Offending code:

sprintf_s(command, "bp %p,\"DllMain (%s)\",ss", entry, modname);
genuine_ 2017-07-25 04:54:41 -06:00 committed by Duncan Ogilvie
parent a5e37fe74f
commit 18979ef6e9
3 changed files with 7 additions and 7 deletions


@ -103,7 +103,7 @@ void CmdLineCacheLoad(JSON Root)
EXCLUSIVE_ACQUIRE(LockCmdLine);
// Clear command line
memset(commandLine, 0, MAX_COMMAND_LINE_SIZE);
memset(commandLine, 0, MAX_SETTING_SIZE);
// Get a handle to the root object -> commandLine
const JSON jsonCmdLine = json_object_get(Root, "commandLine");
@ -114,7 +114,7 @@ void CmdLineCacheLoad(JSON Root)
const char* cmdLine = json_string_value(json_object_get(jsonCmdLine, "cmdLine"));
strncpy_s(commandLine, cmdLine, _TRUNCATE);
copyCommandLine(cmdLine);
json_decref(jsonCmdLine);
}
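Review bot: The memset at the top of CmdLineCacheLoad still takes its length from a named constant rather than from the buffer, so it is only correct while `commandLine` is declared with exactly `MAX_SETTING_SIZE` bytes; that declaration is outside the hunk. Assuming `commandLine` is a true array in this scope, `memset(commandLine, 0, sizeof(commandLine));` ties the length to the buffer and cannot drift if either constant changes again. Separately, `json_string_value` returns NULL when the `cmdLine` member is missing or not a string, and the result goes straight into `copyCommandLine(cmdLine)`. Unless that helper (not visible here) checks for NULL, guard the call with `if(cmdLine) copyCommandLine(cmdLine);`.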


@ -29,7 +29,7 @@ bool cbInstrFind(int argc, char* argv[])
strcpy_s(pattern, argv[2] + 1);
else
strcpy_s(pattern, argv[2]);
int len = (int)strlen(pattern);
size_t len = strlen(pattern);
if(pattern[len - 1] == '#')
pattern[len - 1] = '\0';
@ -81,7 +81,7 @@ bool cbInstrFindAll(int argc, char* argv[])
strcpy_s(pattern, argv[2] + 1);
else
strcpy_s(pattern, argv[2]);
int len = (int)strlen(pattern);
size_t len = strlen(pattern);
if(pattern[len - 1] == '#')
pattern[len - 1] = '\0';
@ -193,7 +193,7 @@ bool cbInstrFindAllMem(int argc, char* argv[])
strcpy_s(pattern, argv[2] + 1);
else
strcpy_s(pattern, argv[2]);
int len = (int)strlen(pattern);
size_t len = strlen(pattern);
if(pattern[len - 1] == '#')
pattern[len - 1] = '\0';
std::vector<PatternByte> searchpattern;
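Review bot: `pattern[len - 1]` is still evaluated when `pattern` is empty. With `size_t len`, a zero length makes `len - 1` wrap to the largest index, so the read (and the `'\0'` write, if the byte happens to match) lands outside the buffer. This can happen if `argv[2]` is empty or, in the branch that copies `argv[2] + 1`, is a single character. The type change alone does not address this; guard the access with `if(len && pattern[len - 1] == '#')`. The same pair of lines appears in cbInstrFind, cbInstrFindAll and cbInstrFindAllMem, and each function body continues outside its hunk.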


@ -1777,13 +1777,13 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
// Update memory map
MemUpdateMapAsync();
char modname[256] = "";
char modname[MAX_MODULE_SIZE] = "";
if(ModNameFromAddr(duint(base), modname, true))
BpEnumAll(cbSetModuleBreakpoints, modname, duint(base));
GuiUpdateBreakpointsView();
bool bAlreadySetEntry = false;
char command[256] = "";
char command[MAX_PATH*2] = "";
bool bIsDebuggingThis = false;
if(bFileIsDll && !_stricmp(DLLDebugFileName, szFileName) && !bIsAttached) //Set entry breakpoint
{
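Review bot: `char command[MAX_PATH*2]` is sized by an unrelated constant, while the string the commit message says is formatted into it embeds `modname`, which is now `MAX_MODULE_SIZE` bytes. Nothing in the hunk shows that `MAX_PATH*2` is at least `MAX_MODULE_SIZE` plus the fixed `bp %p,"DllMain (%s)",ss` text. Stating the relation keeps it true if either constant changes, for example with a margin such as `static_assert(sizeof(command) >= MAX_MODULE_SIZE + 64, "command must hold modname plus the bp format");`. Note also that `sprintf_s` does not truncate an over-long result but invokes the invalid-parameter handler, so an undersized buffer would end the debugger session rather than shorten the command. The formatting call and the rest of cbLoadDll lie outside the hunk.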