From 8e2b4fab035279f18b015374121933b2f937a8fc Mon Sep 17 00:00:00 2001
From: dusoleil <howcansocksbereal@gmail.com>
Date: Fri, 11 Mar 2022 09:19:25 -0500
Subject: sploit: reverse direction of r2 get_locals offsets

rev.r2's get_locals() function returns a Symtbl of offsets representing
the local variables on in a stack frame of a particular function.  The
offsets returned by r2 are based around the base of the stack, but they
are increasing in value as they grow from the stack.  To properly model
memory, they should decrease in value as they grow from the stack.

Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
---
 sploit/rev/r2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sploit/rev/r2.py b/sploit/rev/r2.py
index cd4684f..c133c33 100644
--- a/sploit/rev/r2.py
+++ b/sploit/rev/r2.py
@@ -54,7 +54,7 @@ def get_locals(binary,func):
     cmd_locals = f's {func};af;aafr;aaft;afvf'
     out = r2.run_cmd(binary,cmd_locals)
     out = [re.split(r':?\s+',var) for var in out]
-    out = {var[1]:int(var[0],0)-arch.wordsize for var in out}
+    out = {var[1]:-(int(var[0],0)-arch.wordsize) for var in out}
     return Symtbl(**out)
 
 def ret_gadget(binary):
-- 
cgit v1.2.3