| author | Ajax <commial@gmail.com> | 2018-02-15 12:53:29 +0100 |
|---|---|---|
| committer | Ajax <commial@gmail.com> | 2018-02-15 15:03:27 +0100 |
| commit | fab5d2dfa23c30c083ae3c5738c8c0b7832b18cc (patch) | |
| tree | d8d893f1fcc292533b39aad20664cb89b2a565aa | |
| parent | 9dd075f09e4f31ec7fe12e50709d9e58c65ed5f4 (diff) | |
simp_compose: ensure the '/' is not rounded to 0, but really equals to
| -rw-r--r-- | miasm2/expression/simplifications_common.py | 2 | ||||
| -rw-r--r-- | test/expression/simplifications.py | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/miasm2/expression/simplifications_common.py b/miasm2/expression/simplifications_common.py index ccb97cb3..d1b134f2 100644 --- a/miasm2/expression/simplifications_common.py +++ b/miasm2/expression/simplifications_common.py @@ -539,7 +539,7 @@ def simp_compose(e_s, expr): nxt = args[i + 1] if arg.is_mem() and nxt.is_mem(): gap = e_s(nxt.arg - arg.arg) - if gap.is_int() and int(gap) == arg.size / 8: + if gap.is_int() and arg.size % 8 == 0 and int(gap) == arg.size / 8: args = args[:i] + [ExprMem(arg.arg, arg.size + nxt.size)] + args[i + 2:] return ExprCompose(*args) diff --git a/test/expression/simplifications.py b/test/expression/simplifications.py index 0c516a8e..add689c7 100644 --- a/test/expression/simplifications.py +++ b/test/expression/simplifications.py @@ -411,6 +411,10 @@ to_test = [(ExprInt(1, 32) - ExprInt(1, 32), ExprInt(0, 32)), (a >> b >> c, a >> b >> c), # Left unmodified (a >> b_msb_null >> c_msb_null, a >> (b_msb_null + c_msb_null)), + + # Degenerated case from fuzzing, which had previously raised bugs + (ExprCompose(ExprInt(0x7, 3), ExprMem(ExprInt(0x39E21, 19), 1), ExprMem(ExprInt(0x39E21, 19), 1)), + ExprCompose(ExprInt(0x7, 3), ExprMem(ExprInt(0x39E21, 19), 1), ExprMem(ExprInt(0x39E21, 19), 1))), ] for e_input, e_check in to_test: |
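Review bot: The new guard in `simp_compose` still relies on `/` behaving as integer division, which the condition itself does not make explicit. With the divisibility test now in place, `int(gap) == arg.size // 8` states the intent and keeps the comparison exact under true-division semantics. Only `arg.size` is checked, so a byte-sized `arg` followed by a sub-byte `nxt` at the next address would still be merged into one `ExprMem` of `arg.size + nxt.size` bits. Whether that is intended cannot be told from the hunk and is worth confirming, because an unsound merge silently changes the semantics of the code under analysis. A short comment above the condition such as `# only merge when arg covers whole bytes and nxt starts right after it` would record why the `% 8` test exists; the loop and the rest of the function lie outside the hunk.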
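Review bot: The added regression entry pins only the sub-byte, same-address input from the fuzzer, where the old `arg.size / 8` rounded to 0. It does not exercise a size above 8 that is not a multiple of 8, where the old quotient would have rounded to a non-zero gap. A second "left unmodified" entry would cover that side of the `% 8` guard, for example two 12-bit `ExprMem` operands whose constant addresses differ by 1 (constructed values). A byte-aligned adjacent pair that is expected to merge would show the fix did not disable the simplification, unless one already exists in the part of `to_test` outside the hunk. The comment could also name the rule being protected, e.g. `# simp_compose must not merge ExprMem whose size is not a multiple of 8`.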