Fix bug to be exploitable

This commit is contained in:
Johannes Maier
2024-01-16 19:24:54 +01:00
parent 0d44710dc7
commit 71b527efa1

3
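--- a/vuln.c
+++ b/vuln.c
@@ -209,7 +209,8 @@ void gen_code(uint8_t *code, Instruction *program, size_t program_len) {
 switch (instr.opcode) {
 case ADD:
 // add reg1, reg2
-gen_3B_native_instr(0x01, register_id_lookup[instr.reg1], register_id_lookup[instr.reg2], code, &offset);
+// this encoding flips the register usage, so we need to put them in the other way around here (hint: not the bug)
+gen_3B_native_instr(0x03, register_id_lookup[instr.reg2], register_id_lookup[instr.reg1], code, &offset);
 break;
 case ADDI:
 // optimization: fold multiple consecutive ADDI instructions to the same register into one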
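Review bot: The new 0x03 line depends on the comment above it to justify swapping reg1 and reg2, but that comment never states which ModRM field gen_3B_native_instr fills from each register argument, so a reader cannot confirm the swap is correct without opening the helper. If the helper places its first register argument in ModRM.reg (not visible in this hunk), the comment would be more precise as `// 0x03 = ADD r32, r/m32: ModRM.reg is the destination, so reg1 (dest) is passed second`. Separately, the new line still indexes register_id_lookup with instr.reg1 and instr.reg2 taken straight from the program, and no range check against the table size is visible in this hunk; if none is done earlier in gen_code or when the program is loaded, an out-of-range register id reads past the lookup table while emitting code, so that validation should be confirmed or added. gen_code's body begins and ends outside the hunk.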