• fix some ELF parsing vulnerabilities #255 · 6b486258
    Rafael Kitover authored
    Implement the recommendations described in issue #255 by @zzazzdzz:
    
    - Check bounds when reading ELF program header sections.
    
    - Skip reading ELF section headers if the string table pointer is NULL.
    
    - Increase the buffer size for disassembled instructions in the
      disassembly view and pass the buffer size to the disArm() and
      disThumb() functions so that rudimentary bounds checking can be done.
    
    Also add the constants WORK_RAM_SIZE and ROM_SIZE to reduce incidence of
    magic numbers and make the code a bit cleaner.
viewers.cpp 27.3 KB