capstone-engine / capstone

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
http://www.capstone-engine.org

disassembly fails with double 0x66 prefix #1037

Open dwks opened 6 years ago

dwks commented 6 years ago

Hi,

When disassembling libstdc++.so, I found the following instruction:

66 66 48 e8 dc c8 ff ff    data16 data16 callq ffffffffffffc8e4 <code+0xffffffffffffc8e4>

When I give this instruction to capstone, it thinks it is only 6 (not 8) bytes long. It also enters an error state and keeps disassembling infinitely after that, ignoring my specified code size, until a disassembly error is encountered. Instructions with a single 0x66 prefix work correctly.

On the next branch, the instruction is correctly disassembled but the infinite loop still happens. If I give cs_disasm a fixed maximum number of instructions, it stops at that bound but still overruns my input buffer. The infinite loop doesn't happen if this instruction is not present.

Could this please be fixed and the functionality merged into master, not just next? This is not a particularly exotic instruction.
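To make the length question concrete, here is a small added example (not Capstone's code and not from the reporter): a toy x86-64 length decoder that accepts any run of legacy prefixes followed by an optional REX byte and a handful of one-byte opcodes, plus a bounded walk over a buffer that stops on the first byte it cannot decode instead of running past the end. The opcode table, the `decode_length` and `disassemble_bounded` names and the sample buffer are all constructed for this illustration; the only page-derived input is the byte sequence from the report.

```python
"""Constructed example: minimal x86-64 instruction-length decoder handling
repeated legacy prefixes, plus a bounded disassembly driver.

Not Capstone's decoder. It knows only legacy prefixes, one REX byte and a
few one-byte opcodes, which is enough to show why 66 66 48 e8 dc c8 ff ff
is an 8-byte instruction and how a caller should guard the walk over a
buffer regardless of what the disassembler reports.
"""
from typing import List, Optional, Tuple

# Group 1-4 legacy prefixes; any count and order may precede the opcode.
LEGACY_PREFIXES = {0x66, 0x67, 0xF0, 0xF2, 0xF3,
                   0x26, 0x2E, 0x36, 0x3E, 0x64, 0x65}
MAX_INSN_LEN = 15  # architectural limit; longer encodings fault (#UD)

# opcode -> (mnemonic, immediate size in bytes); no ModRM forms here
ONE_BYTE_OPCODES = {
    0xE8: ("call", 4),  # call rel32
    0xE9: ("jmp", 4),   # jmp rel32
    0xEB: ("jmp", 1),   # jmp rel8
    0x90: ("nop", 0),
    0xC3: ("ret", 0),
    0xCC: ("int3", 0),
}


def decode_length(buf: bytes, off: int) -> Optional[Tuple[int, str]]:
    """Return (length, text) for the instruction at buf[off:], or None if it
    cannot be decoded completely inside the buffer."""
    i = off
    prefixes = []
    # A second 0x66 is redundant but legal: it consumes a byte without
    # changing operand size again. Stop at the 15-byte limit.
    while i < len(buf) and buf[i] in LEGACY_PREFIXES and (i - off) < MAX_INSN_LEN:
        prefixes.append(buf[i])
        i += 1
    # An optional REX byte (0x40..0x4F) must sit directly before the opcode.
    if i < len(buf) and 0x40 <= buf[i] <= 0x4F:
        i += 1
    if i >= len(buf):
        return None  # ran out of bytes before reaching an opcode
    entry = ONE_BYTE_OPCODES.get(buf[i])
    if entry is None:
        return None  # opcode outside this toy table
    mnemonic, imm_size = entry
    i += 1
    if i + imm_size > len(buf):
        return None  # immediate would run past the buffer
    imm = int.from_bytes(buf[i:i + imm_size], "little", signed=True) if imm_size else None
    i += imm_size
    length = i - off
    if length > MAX_INSN_LEN:
        return None
    text = " ".join(["data16"] * prefixes.count(0x66) + [mnemonic])
    if imm is not None:
        # rel8/rel32 targets are relative to the end of the instruction
        target = (off + length + imm) & 0xFFFFFFFFFFFFFFFF
        text += f" 0x{target:x}"
    return length, text


def disassemble_bounded(buf: bytes) -> List[Tuple[int, int, str]]:
    """Walk buf without ever reading past its end. Stops at the first
    undecodable instruction rather than looping. Returns (offset, length,
    text) tuples."""
    out = []
    off = 0
    while off < len(buf):
        res = decode_length(buf, off)
        if res is None:
            break
        length, text = res
        # The check a caller should keep even with a real disassembler: the
        # reported size must make progress and stay inside the buffer.
        assert 0 < length <= len(buf) - off
        out.append((off, length, text))
        off += length
    return out


# Page-derived input: the bytes from the report (rel32 = 0xffffc8dc = -0x3724).
ISSUE_BYTES = bytes.fromhex("666648e8dcc8ffff")

if __name__ == "__main__":
    sample = ISSUE_BYTES + b"\x90\xc3"  # constructed: issue bytes, nop, ret
    for off, length, text in disassemble_bounded(sample):
        print(f"{off:#06x}  {sample[off:off + length].hex():<18} {text}")
```

With the report's bytes at offset 0 the decoder returns length 8 and the same target objdump printed (0xffffffffffffc8e4), while a 6-byte truncation of the same sequence returns None instead of a short instruction; the driver then stops rather than continuing past the buffer.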

dwks commented 6 years ago

Here is a reproducible test case: https://github.com/dwks/capstone-666