path: root/miasm2/expression/simplifications_common.py
authorAjax <commial@gmail.com>2018-02-15 12:58:10 +0100
committerAjax <commial@gmail.com>2018-02-15 15:07:52 +0100
commit2c62e418735010b8f816bc0d4d23973392ddceab (patch)
tree1d3b320dd6be68ea8af7d99e228e95bfac70aaa7 /miasm2/expression/simplifications_common.py
parentfab5d2dfa23c30c083ae3c5738c8c0b7832b18cc (diff)
'simp_propag': avoid computing shifts when the shift count is too
big (potential Python overflow)
Diffstat (limited to 'miasm2/expression/simplifications_common.py')
-rw-r--r--miasm2/expression/simplifications_common.py19
1 files changed, 16 insertions, 3 deletions
diff --git a/miasm2/expression/simplifications_common.py b/miasm2/expression/simplifications_common.py
index d1b134f2..a1301cba 100644
--- a/miasm2/expression/simplifications_common.py
+++ b/miasm2/expression/simplifications_common.py
@@ -40,13 +40,26 @@ def simp_cst_propagation(e_s, expr):
             elif op_name == '|':
                 out = int1.arg | int2.arg
             elif op_name == '>>':
-                out = int1.arg >> int2.arg
+                if int(int2) > int1.size:
+                    out = 0
+                else:
+                    out = int1.arg >> int2.arg
             elif op_name == '<<':
-                out = int1.arg << int2.arg
+                if int(int2) > int1.size:
+                    out = 0
+                else:
+                    out = int1.arg << int2.arg
             elif op_name == 'a>>':
                 tmp1 = mod_size2int[int1.arg.size](int1.arg)
                 tmp2 = mod_size2uint[int2.arg.size](int2.arg)
-                out = mod_size2uint[int1.arg.size](tmp1 >> tmp2)
+                if tmp2 > int1.size:
+                    is_signed = int(int1) & (1 << (int1.size - 1))
+                    if is_signed:
+                        out = -1
+                    else:
+                        out = 0
+                else:
+                    out = mod_size2uint[int1.arg.size](tmp1 >> tmp2)
             elif op_name == '>>>':
                 shifter = int2.arg % int2.size
                 out = (int1.arg >> shifter) | (int1.arg << (int2.size - shifter))
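Review bot: The three new guards compare the shift count with `>` against `int1.size`, so a count exactly equal to the operand width still reaches the Python shift, and for `<<` that computes `int1.arg << int1.size` and relies on later masking to truncate it. A count of `size` or more always yields 0 (or the sign fill for `a>>`), so `>=` is the natural boundary: `if int(int2) >= int1.size:` in both unsigned branches and `if tmp2 >= int1.size:` in the arithmetic one. Only the `<<` branch can allocate an unbounded Python int (right shifts by a large count collapse cheaply to 0 or -1), so that guard is the one that bounds memory when constants are folded from an expression lifted from an analysed binary; a short comment there such as `# bound the count: a huge left shift would allocate a huge Python int` would record why. In the `a>>` branch `is_signed` is recomputed from `int(int1)` although `tmp1` is already the signed view, so `if tmp1 < 0:` would express the same test more directly, assuming the mod_size2int value compares as a signed integer. simp_cst_propagation starts before this hunk and continues past it.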