If the number of digits is specified on a scanf, but the input has fewer digits, the input ends up being right-padded with zeros to reach the expected input length.
Here's an example:
adds_zeros.c
#include <stdio.h>
int main() {
int value;
scanf("%4d", &value);
printf("%d\n", value);
return 0;
}
This shows that stdout prints a value of 5000 for the variable 'value' in the c code, but it should have a value of 5. Three zeros are being added to the input to reach the expected input length of 4.
It looks like the length of stdin is being set to the length of the given input on line 986 of tracer.py, but I'm not seeing the effect of that setting.
line 986 of tracer.py
# fix stdin to the size of the input being traced
fs = {'/dev/stdin': angr.storage.file.SimFile(
"/dev/stdin", "r",
size=self.input_max_size)}
If the number of digits is specified on a scanf, but the input has fewer digits, the input ends up being right-padded with zeros to reach the expected input length.
Here's an example:
adds_zeros.c
Run this code
This shows that stdout prints a value of 5000 for the variable 'value' in the c code, but it should have a value of 5. Three zeros are being added to the input to reach the expected input length of 4.
It looks like the length of stdin is being set to the length of the given input on line 986 of tracer.py, but I'm not seeing the effect of that setting.
line 986 of tracer.py