Fix #2855 - use after free in r_num_calc_index

radareorg · Jul 5, 2015 · 2293eb3 · 2293eb3
1 parent 9dd078d
commit 2293eb3
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/libr/core/core.c b/libr/core/core.c
@@ -141,12 +141,14 @@ static ut64 num_callback(RNum *userptr, const char *str, int *ok) {
 		}
 		// push state
 		{
-			char *o = strdup (str+1);
-			const char *q = r_num_calc_index (core->num, NULL);
-			r_str_replace_char (o, ']', 0);
-			n = r_num_math (core->num, o);
-			r_num_calc_index (core->num, q);
-			free (o);
+			if (str[1]) {
+				char *o = strdup (str+1);
+				const char *q = r_num_calc_index (core->num, NULL);
+				r_str_replace_char (o, ']', 0);
+				n = r_num_math (core->num, o);
+				r_num_calc_index (core->num, q);
+				free (o);
+			}
 		}
 		// pop state
 		if (ok) *ok = 1;