fix: check if debug info offset is invalid (#1653)

skylot · Sep 11, 2024 · fd80e03 · fd80e03
1 parent b580708
commit fd80e03
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 0 deletions.
diff --git a/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java b/jadx-core/src/main/java/jadx/core/dex/visitors/debuginfo/DebugInfoAttachVisitor.java
@@ -21,6 +21,7 @@
 import jadx.core.dex.visitors.blocks.BlockSplitter;
 import jadx.core.dex.visitors.ssa.SSATransform;
 import jadx.core.utils.ListUtils;
+import jadx.core.utils.exceptions.InvalidDataException;
 import jadx.core.utils.exceptions.JadxException;
 
 @JadxVisitor(
@@ -40,6 +41,8 @@ public void visit(MethodNode mth) throws JadxException {
 			if (debugInfo != null) {
 				processDebugInfo(mth, debugInfo);
 			}
+		} catch (InvalidDataException e) {
+			mth.addWarnComment(e.getMessage());
 		} catch (Exception e) {
 			mth.addWarnComment("Failed to parse debug info", e);
 		}

diff --git a/jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java b/jadx-core/src/main/java/jadx/core/utils/exceptions/InvalidDataException.java
@@ -0,0 +1,7 @@
+package jadx.core.utils.exceptions;
+
+public class InvalidDataException extends JadxRuntimeException {
+	public InvalidDataException(String message) {
+		super(message);
+	}
+}
diff --git a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/DexCodeReader.java
@@ -16,6 +16,7 @@
 import jadx.api.plugins.input.data.impl.CatchData;
 import jadx.api.plugins.input.data.impl.TryData;
 import jadx.api.plugins.input.insns.InsnData;
+import jadx.core.utils.exceptions.InvalidDataException;
 import jadx.plugins.input.dex.DexException;
 import jadx.plugins.input.dex.insns.DexInsnData;
 import jadx.plugins.input.dex.insns.DexInsnFormat;
@@ -112,6 +113,9 @@ public IDebugInfo getDebugInfo() {
 		if (debugOff == 0) {
 			return null;
 		}
+		if (debugOff < 0 || debugOff > in.size()) {
+			throw new InvalidDataException("Invalid debug info offset");
+		}
 		int regsCount = getRegistersCount();
 		DebugInfoParser debugInfoParser = new DebugInfoParser(in, regsCount, getUnitsCount());
 		debugInfoParser.initMthArgs(regsCount, in.getMethodParamTypes(mthId));

diff --git a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/sections/SectionReader.java
@@ -314,6 +314,10 @@ public int readSleb128() {
 		return Leb128.readSignedLeb128(this);
 	}
 
+	public int size() {
+		return buf.capacity();
+	}
+
 	@Override
 	public String toString() {
 		return "SectionReader{buf=" + buf + ", offset=" + offset + '}';