From fd80e038098ac3c48471b1715d7a6509b394c16f Mon Sep 17 00:00:00 2001
From: Skylot <118523+skylot@users.noreply.github.com>
Date: Wed, 11 Sep 2024 19:44:55 +0100
Subject: [PATCH] fix: check if debug info offset is invalid (#1653)
---
 .../dex/visitors/debuginfo/DebugInfoAttachVisitor.java | 3 +++
 .../jadx/core/utils/exceptions/InvalidDataException.java | 7 +++++++
 .../jadx/plugins/input/dex/sections/DexCodeReader.java | 4 ++++
 .../jadx/plugins/input/dex/sections/SectionReader.java | 4 ++++
 4 files changed, 18 insertions(+)
 create mode 100644 jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java
diff --git a/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java b/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java
index 35b71c88f..84ec2011d 100644
--- a/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java
+++ b/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java
@@ -21,6 +21,7 @@ import jadx.core.dex.visitors.JadxVisitor;
 import jadx.core.dex.visitors.blocks.BlockSplitter;
 import jadx.core.dex.visitors.ssa.SSATransform;
 import jadx.core.utils.ListUtils;
+import jadx.core.utils.exceptions.InvalidDataException;
 import jadx.core.utils.exceptions.JadxException;
 
 @JadxVisitor(
@@ -40,6 +41,8 @@ public class DebugInfoAttachVisitor extends AbstractVisitor {
 if (debugInfo != null) {
 processDebugInfo(mth, debugInfo);
 }
+ } catch (InvalidDataException e) {
+ mth.addWarnComment(e.getMessage());
 } catch (Exception e) {
 mth.addWarnComment("Failed to parse debug info", e);
 }
diff --git a/jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java b/jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java
new file mode 100644
index 000000000..1d97a31e7
--- /dev/null
+++ b/jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java
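Review bot: The new `catch (InvalidDataException e)` branch in DebugInfoAttachVisitor passes only `e.getMessage()` to `mth.addWarnComment`, while the generic branch below it passes the exception itself, and nothing in the hunk says why the two differ. A short comment would keep a later edit from merging them, for example `// malformed input: the message is the whole diagnosis, a stack trace adds nothing` (the intent is inferred from the commit subject). The branch covers the whole try body, including `processDebugInfo`, so any later throw site of this type is reported by message only as well. The enclosing method starts and ends outside the hunk.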
@@ -0,0 +1,7 @@
+package jadx.core.utils.exceptions;
+
+public class InvalidDataException extends JadxRuntimeException {
+ public InvalidDataException(String message) {
+ super(message);
+ }
+}
diff --git a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java
index 53b36ae2c..0dd0c7f60 100644
--- a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java
+++ b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java
@@ -16,6 +16,7 @@ import jadx.api.plugins.input.data.ITry;
 import jadx.api.plugins.input.data.impl.CatchData;
 import jadx.api.plugins.input.data.impl.TryData;
 import jadx.api.plugins.input.insns.InsnData;
+import jadx.core.utils.exceptions.InvalidDataException;
 import jadx.plugins.input.dex.DexException;
 import jadx.plugins.input.dex.insns.DexInsnData;
 import jadx.plugins.input.dex.insns.DexInsnFormat;
@@ -112,6 +113,9 @@ public class DexCodeReader implements ICodeReader {
 if (debugOff == 0) {
 return null;
 }
+ if (debugOff < 0 || debugOff > in.size()) {
+ throw new InvalidDataException("Invalid debug info offset");
+ }
 int regsCount = getRegistersCount();
 DebugInfoParser debugInfoParser = new DebugInfoParser(in, regsCount, getUnitsCount());
 debugInfoParser.initMthArgs(regsCount, in.getMethodParamTypes(mthId));
diff --git a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java
index b9421013b..9d8673525 100644
--- a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java
+++ b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java
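Review bot: `InvalidDataException` in the new file has no Javadoc, and its message is the only thing DebugInfoAttachVisitor passes to `mth.addWarnComment`, so the class should state that contract. Something like `/** Thrown when input data is malformed; the message is reported to the user as-is, without a stack trace. */` above the class would do. The type is declared in `jadx.core.utils.exceptions` but thrown from the dex input plugin, whose DexCodeReader already imports `jadx.plugins.input.dex.DexException`. Whether the plugin should reach into core for this type is worth confirming, since the module layout is not visible here.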
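Review bot: The upper bound in `if (debugOff < 0 || debugOff > in.size())` in DexCodeReader accepts `debugOff == in.size()`, which is one past the last byte of the buffer, so that offset still passes the check; `if (debugOff < 0 || debugOff >= in.size()) {` closes it. The check validates only the start of the item, so a debug info stream that begins in range and runs past the end is presumably still left to the generic `catch (Exception e)` in DebugInfoAttachVisitor. Putting the value in the message, `"Invalid debug info offset: " + debugOff`, would make the resulting warning usable when triaging a malformed or deliberately corrupted dex file. The enclosing method starts and ends outside the hunk.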
@@ -314,6 +314,10 @@ public class SectionReader {
 return Leb128.readSignedLeb128(this);
 }
 
+ public int size() {
+ return buf.capacity();
+ }
+
 @Override
 public String toString() {
 return "SectionReader{buf=" + buf + ", offset=" + offset + '}';
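Review bot: The new `size()` returns `buf.capacity()`, but the readable bound of a buffer is its limit. Assuming `buf` is a `java.nio.ByteBuffer`, a view whose limit is below its capacity would let the new offset check in DexCodeReader accept offsets that cannot be read; how `buf` is created is not visible in this hunk. `return buf.limit();` is the safer bound. The method is public and undocumented, so a one-line Javadoc such as `/** Size in bytes of the backing buffer; absolute offsets must be below this value. */` would tell callers what they may compare against. The class body continues outside the hunk.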