From 71b527efa1c52b430f23f8881216cd62ddde7cce Mon Sep 17 00:00:00 2001
From: Johannes Maier
Date: Tue, 16 Jan 2024 19:24:54 +0100
Subject: [PATCH] Fix bug to be exploitable

---
 vuln.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/vuln.c b/vuln.c
index 464483a..4e7b1dc 100644
--- a/vuln.c
+++ b/vuln.c
@@ -209,7 +209,8 @@ void gen_code(uint8_t *code, Instruction *program, size_t program_len) {
 switch (instr.opcode) {
 case ADD:
 // add reg1, reg2
- gen_3B_native_instr(0x01, register_id_lookup[instr.reg1], register_id_lookup[instr.reg2], code, &offset);
+ // this encoding flips the register usage, so we need to put them in the other way around here (hint: not the bug)
+ gen_3B_native_instr(0x03, register_id_lookup[instr.reg2], register_id_lookup[instr.reg1], code, &offset);
 break;
 case ADDI:
 // optimization: fold multiple consecutive ADDI instructions to the same register into one
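Review bot: The new `gen_3B_native_instr(0x03, register_id_lookup[instr.reg2], register_id_lookup[instr.reg1], code, &offset)` call still indexes `register_id_lookup` with `instr.reg1` and `instr.reg2` taken straight from the program, and nothing in this hunk bounds those fields; if they are not validated before `gen_code` runs (the function starts and ends outside the hunk), an out-of-range register id reads past the table and the stray byte is emitted into executable native code. A range check on both register fields against the table's element count at the top of the ADD case, aborting on failure, would close that whether or not it is the intended bug. The replacement comment should also state why the swap is sound rather than just that it is: 0x01 is ADD r/m32,r32 and 0x03 is ADD r32,r/m32, so exchanging both the opcode and the two operands keeps the same destination register only when both operands are register-direct, which is presumably what gen_3B_native_instr emits. I would write `// 0x03 /r is ADD reg, r/m (0x01 is ADD r/m, reg): swapping opcode and operands keeps reg1 as the destination for register-direct operands` in place of the "hint" wording.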