
Possible overflow of Java byte[] datatype?

Open farmdve opened this issue 5 years ago • 1 comment

In https://github.com/aquynh/capstone/blob/6ac6255afabd5ce3a469a1247e239398df320d17/bindings/java/capstone/Capstone.java#L154 we assign the groups to a byte datatype, which in Java is always signed, from -127 to +128. The X86 groups go beyond 127 and thus overflow, giving incorrect group numbers (such as -95, depending on how many times it overflowed).

farmdve, Sep 15 '20 15:09

It's good that you are thinking of overflows! I might be wrong, but I think this one is ok for now. There are two potentials here:

  1. The size of the array itself and
  2. The value being stored in the array.

For the size of the array, it is being based off the number of groups that a particular instruction is a member of. Most instructions that I've seen are only a member of a small number of groups (usually between 0 and 3) so I think we are safe there.

The value being stored in the array is possibly more concerning if we don't keep this in mind going forward. For now though, I'm only counting around 50 groups in arch/X86/X86Mapping.c. Am I missing some?

keenk, Feb 23 '21 23:02
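The sign issue both comments discuss (a group id above 127 stored in a Java `byte[]` and read back as a negative number) can be reproduced and fixed independently of Capstone. The following is an added example, not code from the capstone Java binding or from either participant: `GROUP_IDS` is a constructed list of stand-in values, not real Capstone group numbers, chosen so that one of them (161) reads back as the -95 mentioned in the report. The narrowing cast `(byte) id` keeps only the low 8 bits, so nothing is lost for ids in 0..255; the information is lost only when the byte is widened back to `int` without masking, because that widening sign-extends. Reading with `& 0xFF` (or `Byte.toUnsignedInt`) restores the original value, and `checkFits` guards the one case a byte truly cannot hold, an id above 255.

```java
import java.util.Arrays;

// Added example: demonstrates signed-byte narrowing and sign-extension in Java.
// It is not part of the capstone project or its Java binding.
public class GroupByteDemo {
    // Constructed stand-in group ids (hypothetical values, not Capstone's own).
    // 161 is included because (byte) 161 == -95, the value quoted in the issue.
    static final int[] GROUP_IDS = {1, 127, 128, 161, 255};

    // Same pattern as copying ids into a byte[]: the cast keeps the low 8 bits,
    // so 128..255 become -128..-1 when viewed as signed bytes.
    static byte[] toByteArray(int[] groups) {
        byte[] out = new byte[groups.length];
        for (int i = 0; i < groups.length; i++) {
            out[i] = (byte) groups[i];
        }
        return out;
    }

    // Naive read-back: implicit byte -> int widening sign-extends,
    // so every id above 127 comes back negative.
    static int[] readSigned(byte[] groups) {
        int[] out = new int[groups.length];
        for (int i = 0; i < groups.length; i++) {
            out[i] = groups[i];
        }
        return out;
    }

    // Corrected read-back: mask to 8 bits, which reinterprets the byte as
    // unsigned and recovers the original 0..255 value.
    static int[] readUnsigned(byte[] groups) {
        int[] out = new int[groups.length];
        for (int i = 0; i < groups.length; i++) {
            out[i] = groups[i] & 0xFF;  // equivalent: Byte.toUnsignedInt(groups[i])
        }
        return out;
    }

    // The only unrecoverable case: an id outside 0..255 cannot round-trip through
    // a byte at all, so reject it before storing rather than silently truncating.
    static void checkFits(int groupId) {
        if (groupId < 0 || groupId > 0xFF) {
            throw new IllegalArgumentException(
                "group id " + groupId + " does not fit in an 8-bit byte");
        }
    }

    public static void main(String[] args) {
        for (int id : GROUP_IDS) {
            checkFits(id);
        }
        byte[] packed = toByteArray(GROUP_IDS);
        System.out.println("stored bytes:  " + Arrays.toString(packed));
        System.out.println("signed read:   " + Arrays.toString(readSigned(packed)));
        System.out.println("unsigned read: " + Arrays.toString(readUnsigned(packed)));
    }
}
```

Running the example shows the stored bytes as `[1, 127, -128, -95, -1]`, the signed read repeating those negative values, and the masked read returning the original `[1, 127, 128, 161, 255]`. The practical takeaway for a binding is that the array element type need not change as long as every consumer of the `byte[]` masks on read; the bound to watch is 255, not 127.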