Better presentation for stack padding slots

Gallopsled · Oct 3, 2017 · dbdc2ef · dbdc2ef
1 parent 66d8513
commit dbdc2ef
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/pwnlib/rop/rop.py b/pwnlib/rop/rop.py
@@ -229,6 +229,8 @@ class Padding(object):
     """
     Placeholder for exactly one pointer-width of padding.
     """
+    def __init__(self, name='<pad>'):
+        self.name = name
 
 class DescriptiveStack(list):
     """
@@ -483,14 +485,20 @@ def setRegisters(self, registers):
         stack = []
 
         for gadget in winner:
+            moved = 8 # Account for the gadget itself
             goodregs = set(gadget.regs) & regset
             name = ",".join(goodregs)
             stack.append((gadget.address, gadget))
             for r in gadget.regs:
+                moved += 8
                 if r in registers:
                     stack.append((registers[r], r))
                 else:
-                    stack.append((Padding(), r))
+                    stack.append((Padding('<pad %s>' % r), r))
+
+            for slot in range(moved, gadget.move, context.bytes):
+                left = gadget.move - slot
+                stack.append((Padding('<pad %#x>' % left), 'stack padding'))
 
         return stack
 
@@ -717,7 +725,7 @@ def build(self, base = None, description = None):
 
             elif isinstance(slot, Padding):
                 stack[i] = self.generatePadding(i * context.bytes, context.bytes)
-                stack.describe('<pad>', slot_address)
+                stack.describe(slot.name, slot_address)
 
             elif isinstance(slot, Gadget):
                 stack[i] = slot.address