Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix dex module inconsistencies #2069

Merged
merged 2 commits into from
May 2, 2024

Conversation

vthib
Copy link
Contributor

@vthib vthib commented Apr 24, 2024

Fix several inconsistencies in the dex module:

  • some bytestring values were not properly set: the magic constants, header.magic and header.signature. Those were cut if a nul byte was present (which is the case in the magic values

  • dex.field[*].static and dex.field[*].instance were defined, but not declared, making their use impossible. They are now properly declared.

  • several fields in dex.method[*].code_item were declared but never defined: padding, tries and handlers. Those are removed since they couldn't have been used.

@vthib
Copy link
Contributor Author

vthib commented Apr 30, 2024

I'm not sure what the macosx build issue is. It complains about missing libjansson, which is not related to the dex module but to the cuckoo one, which i do not touch. So afaict it is unrelated.

vthib added 2 commits May 1, 2024 01:28
Several bytestring values in the dex module were not set properly,
and were cut short due to the presence of a nul byte.

This happened on:
- all the dex.DEX_FILE_MAGIC_* constants, which were cut short by one
  byte (the last one is the nul byte).
- the magic and signature field in the "header" object of the module.

For all of those, the size is fixed and known, so use the right length
and do not cut it short if a nul byte is present.
There was some mismatch between the declared fields and the ones filled
by the module:

- `dex.field[*].static` and `dex.field[*].instance` were defined, but
  not declared, making their use impossible. They are now properly
  declared.

- several fields in `dex.method[*].code_item` were declared but never
  defined: `padding`, `tries` and `handlers`. Those are removed since
  they couldn't have been used.
@vthib vthib force-pushed the fix-dex-module-inconsistencies branch from 42f7aa1 to cff2fcd Compare April 30, 2024 23:29
@plusvic plusvic merged commit 41aa1e7 into VirusTotal:master May 2, 2024
10 checks passed
@vthib vthib deleted the fix-dex-module-inconsistencies branch May 3, 2024 19:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants