Prevent r2 injection when opening a file (#1125)

* Prevent r2 injection while opening a file * Small changes * Changed the title of messagebox * Open file use r2 API * Minor Changes * Minor Changes
2024-12-18 19:06:10 +00:00 · 2019-02-06 01:05:54 +05:30 · 2019-02-06 01:05:54 +05:30 · 99915c990a
commit 99915c990a
parent 3493eae194
4 changed files with 22 additions and 23 deletions
--- a/src/Cutter.cpp
+++ b/src/Cutter.cpp
@ -398,13 +398,23 @@ bool CutterCore::tryFile(QString path, bool rw)
    return true;
 }

-void CutterCore::openFile(QString path, RVA mapaddr)
+/*!
+ * \brief Opens a file using r2 API
+ * \param path Path to file
+ * \param mapaddr Map Address
+ * \return bool
+ */
+bool CutterCore::openFile(QString path, RVA mapaddr)
 {
-    if (mapaddr != RVA_INVALID) {
-        cmd("o " + path + QString(" %1").arg(mapaddr));
+    CORE_LOCK();
+    RVA addr = mapaddr != RVA_INVALID ? mapaddr : 0;
+    ut64 baddr = Core()->getFileInfo().object()["bin"].toObject()["baddr"].toVariant().toULongLong();
+    if (r_core_file_open(core_, path.toUtf8().constData(), R_PERM_RX, addr)) {
+        r_core_bin_load(core_, path.toUtf8().constData(), baddr);
    } else {
-        cmd("o " + path);
+        return false;
    }
+    return true;
 }

 void CutterCore::renameFunction(const QString &oldName, const QString &newName)
--- a/src/Cutter.h
+++ b/src/Cutter.h
@ -492,7 +492,7 @@ public:
    bool loadFile(QString path, ut64 baddr = 0LL, ut64 mapaddr = 0LL, int perms = R_PERM_R,
                  int va = 0, bool loadbin = false, const QString &forceBinPlugin = QString());
    bool tryFile(QString path, bool rw);
-    void openFile(QString path, RVA mapaddr);
+    bool openFile(QString path, RVA mapaddr);
    void loadScript(const QString &scriptname);
    QJsonArray getOpenedFiles();

--- a/src/dialogs/OpenFileDialog.cpp
+++ b/src/dialogs/OpenFileDialog.cpp
@ -33,7 +33,12 @@ void OpenFileDialog::on_buttonBox_accepted()
    if (!mapAddressStr.isEmpty()) {
        mapAddress = Core()->math(mapAddressStr);
    }
-    Core()->openFile(filePath, mapAddress);
+
+    if (!Core()->openFile(filePath, mapAddress)) {
+        QMessageBox::critical(this, tr("Open file"), tr("Failed to open file"));
+        return;
+    }
+    close();
 }

 void OpenFileDialog::on_buttonBox_rejected()
--- a/src/dialogs/OpenFileDialog.ui
+++ b/src/dialogs/OpenFileDialog.ui
@ -48,7 +48,7 @@
     <x>10</x>
     <y>20</y>
     <width>241</width>
-     <height>27</height>
+     <height>29</height>
    </rect>
   </property>
   <layout class="QHBoxLayout" name="horizontalLayout">
@ -124,22 +124,6 @@
 </widget>
 <resources/>
 <connections>
-  <connection>
-   <sender>buttonBox</sender>
-   <signal>accepted()</signal>
-   <receiver>OpenFileDialog</receiver>
-   <slot>accept()</slot>
-   <hints>
-    <hint type="sourcelabel">
-     <x>248</x>
-     <y>254</y>
-    </hint>
-    <hint type="destinationlabel">
-     <x>157</x>
-     <y>274</y>
-    </hint>
-   </hints>
-  </connection>
  <connection>
   <sender>buttonBox</sender>
   <signal>rejected()</signal>