From 1480e6ba39fdaacaf558dd099ccf1b87c9b92d6a Mon Sep 17 00:00:00 2001
From: Malfurious
Date: Wed, 6 Jul 2022 23:42:57 -0400
Subject: sploit: Fix bugs involving Symtbl base value
Some code previously assumed a Symtbl's base value to always be zero. This was often the case, however the assumption would break (for example) when attempting to rebase() a mapped Symtbl. As of the previous patch enabling freer modification of base, the potentiality of these bugs will be higher.
Signed-off-by: Malfurious
Signed-off-by: dusoleil
---
 tools/sploit/sploit/mem.py | 2 +-
 tools/sploit/sploit/payload.py | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/sploit/sploit/mem.py b/tools/sploit/sploit/mem.py
index 9ae0575..3a3e697 100644
--- a/tools/sploit/sploit/mem.py
+++ b/tools/sploit/sploit/mem.py
@@ -36,7 +36,7 @@ class Symtbl:
 self.sym[k] = v + off
 def rebase(self, off):
- self.adjust(-off)
+ self.adjust(self.base - off)
 def __str__(_self):
 FMT = '\n{:<20} {:<20}'
diff --git a/tools/sploit/sploit/payload.py b/tools/sploit/sploit/payload.py
index 9fab65e..a7721e0 100644
--- a/tools/sploit/sploit/payload.py
+++ b/tools/sploit/sploit/payload.py
@@ -28,13 +28,13 @@ class Payload(Symtbl):
 return f'{kind}_{ctr}'
 def __append(self, value, sym):
- setattr(self, sym, len(self))
+ setattr(self, sym, self.base + len(self))
 self._namesp.payload += value
 return self
 def __prepend(self, value, sym):
 self.adjust(len(value))
- setattr(self, sym, 0)
+ setattr(self, sym, self.base)
 self._namesp.payload = value + self._namesp.payload
 return self
-- 
cgit v1.2.3
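Review bot: `rebase()` now computes `self.adjust(self.base - off)`, but nothing on the method says whether `off` is an absolute value that already includes `base` or an offset relative to it. The expression appears to be right only for the absolute reading; a caller passing a base-relative offset would get every symbol shifted by an extra `base` with no error. A one-line docstring would pin the contract down, for example `"""Shift the stored symbols so that absolute address off becomes relative zero; off includes base."""`, with the wording to be confirmed by the author. `adjust()` starts above this hunk, so whether it also moves `base` cannot be checked from here.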
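Review bot: In `__prepend`, the new `setattr(self, sym, self.base)` reads `base` after `self.adjust(len(value))` has already run, so the new symbol lands at the start of the payload only if `adjust()` leaves `base` untouched. That invariant is not visible in this hunk, and the commit message notes that `base` has just become freer to modify, so it is worth stating next to the call: `# adjust() shifts existing symbols only; base still marks the payload start`. `__append` makes a related assumption in `self.base + len(self)`, namely that `len(self)` is the current payload length and not the number of symbols. A short comment there would help too, since both values end up as addresses inside a generated payload.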