Closed pcy190 closed 9 months ago
The disassembler would panic in ld_st_imm_str when it tries to negate the 0x8000i16 value in
ld_st_imm_str
https://github.com/qmonnet/rbpf/blob/4812c52fe1009ee1e3c2307662d175bdd07b5c71/src/disassembler.rs#L29-L33
The PoC program to reproduce:
disassembler::disassemble(&[98, 1, 0, 128, 0, 0, 31, 145])
The would panic the disassembler:
thread '<unnamed>' panicked at 'attempt to negate with overflow', /rbpf-0.2.0/src/disassembler.rs:33:56
To enhance the robustness of the disassembler, the negation logic of i16 could be restructured in ld_st_imm_str function.
The disassembler would panic in
ld_st_imm_strwhen it tries to negate the 0x8000i16 value inhttps://github.com/qmonnet/rbpf/blob/4812c52fe1009ee1e3c2307662d175bdd07b5c71/src/disassembler.rs#L29-L33
The PoC program to reproduce:
The would panic the disassembler:
To enhance the robustness of the disassembler, the negation logic of i16 could be restructured in
ld_st_imm_strfunction.