diff options
| author | Calder Kitagawa <ckitagawa@chromium.org> | 2018-06-28 21:48:40 +0000 |
|---|---|---|
| committer | Copybara-Service <copybara-worker@google.com> | 2021-07-25 20:02:36 -0700 |
| commit | 82e8472ee794f6c684905001f055f529184142a2 (patch) | |
| tree | 06b9dee892a10211c76211d2ee4e00c840a22169 /disassembler_dex.cc | |
| parent | 2ed3877df49fb5271a03f999192d8640b41f5b5e (diff) | |
| download | zucchini-82e8472ee794f6c684905001f055f529184142a2.tar.gz | |
[Zucchini] Require DEX to have parsable code items
Zucchini makes the assumption that a valid DEX file has code items.
However, this contraint was not applied to whether the DEX file
contained valid and parsable code. As a result when attempting to find
references for within these code items, which weren't successfully
parsed, Zucchini would crash.
The solution is to impose a requirement that at least one code item was
parsed to create a disassembler.
Found during fuzzing of DEX files in CL:
https://chromium-review.googlesource.com/c/chromium/src/+/1117123
Change-Id: I76fcbb9267099a7fe3d6eb61c345ffbfaf772fff
Reviewed-on: https://chromium-review.googlesource.com/1118851
Commit-Queue: Calder Kitagawa <ckitagawa@chromium.org>
Reviewed-by: Samuel Huang <huangs@chromium.org>
Cr-Commit-Position: refs/heads/master@{#571276}
NOKEYCHECK=True
GitOrigin-RevId: 2f1a0765a55cda93faa787cf7110db3b78f02a26
Diffstat (limited to 'disassembler_dex.cc')
| -rw-r--r-- | disassembler_dex.cc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/disassembler_dex.cc b/disassembler_dex.cc index a7316ba..01d5e98 100644 --- a/disassembler_dex.cc +++ b/disassembler_dex.cc @@ -1591,7 +1591,8 @@ bool DisassemblerDex::ParseHeader() { return false; code_item_offsets_[i] = code_item_offset; } - return true; + // DEX files are required to have parsable code items. + return !code_item_offsets_.empty(); } } // namespace zucchini |