diff options
| author | van Hauser <vh@thc.org> | 2023-08-31 12:51:42 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-31 12:51:42 +0000 |
| commit | 11a622c63d70c9ca16c9847418b88992139aa892 (patch) | |
| tree | de0c523399eaf24544f7c0cbd61fe8d3c69c84f8 /frida_mode/src | |
| parent | ad2af7caec2df6ceec87669864f47b9567c672af (diff) | |
| parent | 1604351368c26a1dd91c43c054fb466b8093e86e (diff) | |
| download | afl++-11a622c63d70c9ca16c9847418b88992139aa892.tar.gz | |
Merge pull request #1847 from AFLplusplus/dev
push to stable
Diffstat (limited to 'frida_mode/src')
| -rw-r--r-- | frida_mode/src/instrument/instrument_arm64.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/frida_mode/src/instrument/instrument_arm64.c b/frida_mode/src/instrument/instrument_arm64.c index 2256f941..a0c66697 100644 --- a/frida_mode/src/instrument/instrument_arm64.c +++ b/frida_mode/src/instrument/instrument_arm64.c @@ -402,6 +402,18 @@ bool instrument_write_inline(GumArm64Writer *cw, GumAddress code_addr, } + /* + * The mov instruction supports up to a 16-bit offset. If our offset is out of + * range, then it can end up clobbering the op-code portion of the instruction + * rather than just the operands. So return false and fall back to the + * alternative instrumentation. + */ + if (area_offset > UINT16_MAX) { + + return false; + + } + code.code.mov_x0_curr_loc |= area_offset << 5; if (!instrument_patch_ardp( |