Revert Chunk.size meaning, add Chunk.real_size

3 years ago · 4069400262
parent 74f07b33c5
commit 4069400262
2 changed files with 25 additions and 22 deletions
--- a/pwndbg/commands/heap.py
+++ b/pwndbg/commands/heap.py
@ -317,20 +317,22 @@ def malloc_chunk(addr, fake=False, verbose=False, simple=False):
            if allocator.has_tcache():
                tcachebins = allocator.tcachebins(None)

-            if chunk.size in fastbins.keys() and chunk.address in fastbins[chunk.size]:
+            if chunk.real_size in fastbins.keys() and chunk.address in fastbins[chunk.real_size]:
                headers_to_print.append(message.on("Free chunk (fastbins)"))
                if not verbose:
                    fields_to_print.add("fd")

-            elif chunk.size in smallbins.keys() and chunk.address in bin_addrs(
-                smallbins[chunk.size], "smallbins"
+            elif chunk.real_size in smallbins.keys() and chunk.address in bin_addrs(
+                smallbins[chunk.real_size], "smallbins"
            ):
                headers_to_print.append(message.on("Free chunk (smallbins)"))
                if not verbose:
                    fields_to_print.update(["fd", "bk"])

-            elif chunk.size >= list(largebins.items())[0][0] and chunk.address in bin_addrs(
-                largebins[(list(largebins.items())[allocator.largebin_index(chunk.size) - 64][0])],
+            elif chunk.real_size >= list(largebins.items())[0][0] and chunk.address in bin_addrs(
+                largebins[
+                    (list(largebins.items())[allocator.largebin_index(chunk.real_size) - 64][0])
+                ],
                "largebins",
            ):
                headers_to_print.append(message.on("Free chunk (largebins)"))
@ -344,8 +346,9 @@ def malloc_chunk(addr, fake=False, verbose=False, simple=False):

            elif (
                allocator.has_tcache()
-                and chunk.size in tcachebins.keys()
-                and chunk.address + ptr_size * 2 in bin_addrs(tcachebins[chunk.size], "tcachebins")
+                and chunk.real_size in tcachebins.keys()
+                and chunk.address + ptr_size * 2
+                in bin_addrs(tcachebins[chunk.real_size], "tcachebins")
            ):
                headers_to_print.append(message.on("Free chunk (tcache)"))
                if not verbose:
@ -357,9 +360,9 @@ def malloc_chunk(addr, fake=False, verbose=False, simple=False):
    if verbose:
        fields_to_print.update(["prev_size", "size", "fd", "bk", "fd_nextsize", "bk_nextsize"])
    else:
-        out_fields += "Size: 0x{:02x}\n".format(chunk.size_field)
+        out_fields += "Size: 0x{:02x}\n".format(chunk.size)

-    prev_inuse, is_mmapped, non_main_arena = allocator.chunk_flags(chunk.size_field)
+    prev_inuse, is_mmapped, non_main_arena = allocator.chunk_flags(chunk.size)
    if prev_inuse:
        headers_to_print.append(message.hint("PREV_INUSE"))
    if is_mmapped:
--- a/pwndbg/heap/ptmalloc.py
+++ b/pwndbg/heap/ptmalloc.py
@ -37,8 +37,8 @@ class Chunk:
        self._gdbValue = pwndbg.gdblib.memory.poi(pwndbg.heap.current.malloc_chunk, addr)
        self.address = int(self._gdbValue.address)
        self._prev_size = None
-        self._size_field = None
        self._size = None
+        self._real_size = None
        self._flags = None
        self._non_main_arena = None
        self._is_mmapped = None
@ -74,32 +74,32 @@ class Chunk:
        return self._prev_size

    @property
-    def size_field(self):
-        if self._size_field is None:
+    def size(self):
+        if self._size is None:
            try:
-                self._size_field = int(self._gdbValue[self.__match_renamed_field("size")])
+                self._size = int(self._gdbValue[self.__match_renamed_field("size")])
            except gdb.MemoryError:
                pass

-        return self._size_field
+        return self._size

    @property
-    def size(self):
-        if self._size is None:
+    def real_size(self):
+        if self._real_size is None:
            try:
-                self._size = int(
+                self._real_size = int(
                    self._gdbValue[self.__match_renamed_field("size")]
                    & ~(ptmalloc.NON_MAIN_ARENA | ptmalloc.IS_MMAPPED | ptmalloc.PREV_INUSE)
                )
            except gdb.MemoryError:
                pass

-        return self._size
+        return self._real_size

    @property
    def flags(self):
        if self._flags is None:
-            if self.size_field is not None:
+            if self.size is not None:
                self._flags = {
                    "non_main_arena": self.non_main_arena,
                    "is_mmapped": self.is_mmapped,
@ -111,7 +111,7 @@ class Chunk:
    @property
    def non_main_arena(self):
        if self._non_main_arena is None:
-            sz = self.size_field
+            sz = self.size
            if sz is not None:
                self._non_main_arena = bool(sz & ptmalloc.NON_MAIN_ARENA)

@ -120,7 +120,7 @@ class Chunk:
    @property
    def is_mmapped(self):
        if self._is_mmapped is None:
-            sz = self.size_field
+            sz = self.size
            if sz is not None:
                self._is_mmapped = bool(sz & ptmalloc.IS_MMAPPED)

@ -129,7 +129,7 @@ class Chunk:
    @property
    def prev_inuse(self):
        if self._prev_inuse is None:
-            sz = self.size_field
+            sz = self.size
            if sz is not None:
                self._prev_inuse = bool(sz & ptmalloc.PREV_INUSE)