From 00b07fe5fc2f75945c6eab465ffdf875d53caa2d Mon Sep 17 00:00:00 2001
From: PoroCYon <porocyon@titandemo.org>
Date: Mon, 24 Aug 2020 20:15:51 +0200
Subject: [PATCH] fix 32-bit crc32c binaries segfaulting, fix smoldd's --hash16
 handling

---
 rt/loader32.asm |  5 ++++-
 smoldd.py       | 12 ++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/rt/loader32.asm b/rt/loader32.asm
index f07742e..38a4ab3 100644
--- a/rt/loader32.asm
+++ b/rt/loader32.asm
@@ -107,7 +107,7 @@ _smol_start:
 
                 ; source in eax, result in eax
 %ifdef USE_CRC32C_HASH
-           xor ecx, ecx
+            xor eax, eax
 %else
     %ifndef USE_HASH16
            push ebx
@@ -125,6 +125,7 @@ _smol_start:
               lodsb
                  or al, al
                xchg eax, ecx
+              ;jcxz .breakhash
                  jz short .breakhash
 
 %ifdef USE_CRC32C_HASH
@@ -144,8 +145,10 @@ _smol_start:
                 jmp short .nexthashiter
 
         .breakhash:
+%ifndef USE_CRC32C_HASH
 %ifndef USE_HASH16
             pop ebx
+%endif
 %endif
             pop ecx
 ;%ifndef USE_HASH16
diff --git a/smoldd.py b/smoldd.py
index 8363683..0bc29dc 100755
--- a/smoldd.py
+++ b/smoldd.py
@@ -114,18 +114,26 @@ def get_hashtbl(elf, blob, args):
 
     tbl = []
     while True:
+        hashsz = 2 if elf.is32bit and args.hash16 else 4
+
         #eprintf("sym from 0x%08x" % htoff)
-        if len(blob)-htoff < 4:
+        #eprintf("sym end at 0x%08x, blob end at 0x%08x" % (htoff+hashsz, len(blob)))
+        if htoff+hashsz > len(blob):
             #eprintf("htoff = 0x%08x, len=%08x" % (htoff, len(blob)))
             if len(blob) <= htoff and len(tbl) > 0:
                 break
             #if elf.is32bit:
             if struct.unpack('<B', blob[htoff:htoff+1])[0] == 0:
                 break
+            else:
+                assert False, "AAAAA rest is %s" % repr(blob[htoff:])
             #else:
             #    if struct.unpack('<H', blob[htoff:htoff+2])[0] == 0:
             #        break
-        val = struct.unpack('<I', blob[htoff:htoff+4])[0]
+            #    else:
+            #        assert False, "AAAAA rest is %s" % repr(blob[htoff:])
+        val = struct.unpack(('<I' if hashsz == 4 else '<H'),
+                            blob[htoff:htoff+hashsz])[0]
         if (val & 0xFFFF) == 0: break
         tbl.append(val)
         #eprintf("sym %08x" % val)