readpe crashed when I use -e
Describe the bug*
In readpe newst version, Analysing abnormal test.exe will crash this program, And the version 0.70 can modify the RIP regester.
The test.exe download: https://github.com/I0gan/files/raw/main/pev/test.exe
version 0.70 test:
1
2
3
4
| [i0gan@arch build]$ /bin/readpe -e ./test.exe
Exported functions
Segmentation fault (core dumped)
|
I use gdb to debugger this program,the rip regester can be set as 0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
| pwndbg> set args -e test.exe
pwndbg> start
Temporary breakpoint 1 at 0x403966
pwndbg> [Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Temporary breakpoint 1, 0x0000000000403966 in main ()
c
Continuing.
Exported functions
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
LEGEND: STACK | HEAP | CODE | DATA | RWX | RODATA
────────────────────────────────────────[ REGISTERS ]─────────────────────────────────────────
*RAX 0x0
RBX 0x403dd0 (__libc_csu_init) ◂— mov qword ptr [rsp - 0x28], rbp
*RCX 0x0
*RDX 0x5
*RDI 0x7fffffffde60 —▸ 0x403dd0 (__libc_csu_init) ◂— mov qword ptr [rsp - 0x28], rbp
*RSI 0xa00
*R8 0x608480 ◂— 0x608
*R9 0x7ffff7f0c0c0 (step3a_jumps) ◂— 0x0
*R10 0xfffffffffffffb87
*R11 0x206
R12 0x401070 (_start) ◂— xor ebp, ebp
R13 0x0
R14 0x0
R15 0x0
*RBP 0x0
*RSP 0x7fffffffde40 ◂— 0x0
*RIP 0x0
──────────────────────────────────────────[ DISASM ]──────────────────────────────────────────
Invalid address 0x0
|
In newst verion:
test
1
2
3
4
5
6
| [i0gan@arch build]$ ./readpe -e ./test.exe
Exported functions
Library
Name: MZ�ִ�Ǿ
Functions
Segmentation fault (core dumped)
|
