shellblocks: src: print: Jump over printed string

Author: shaymargolis

shellblocks/src/print.S

@@ -2,8 +2,11 @@
 
 .global start
 start:
+    // Save $ra
     addiu $sp, -4
     sw $ra, 0($sp)
+
+    // Get $pc using bal
     bal code
     nop
 code:
@@ -16,9 +19,18 @@ code:
     jalr $v0
     nop
 
+    // Restore $ra
     lw $ra, 0($sp)
     addiu $sp, 4
     nop
 
+    // Jump over the printed string, to ensure we can run
+    // another primitive after this one.
+    b end_of_code
+
 print_string:
     .asciiz PRINT_STRING
+    .align 2
+
+end_of_code:
+    nop

tests/test_print.py

@@ -128,9 +128,7 @@ def test_print_reaches_end(
         stack_address
     )
 
-    end_of_code = shellcode.find(string_to_print.encode())
-
-    print_mu.emu_start(shellcode_address, shellcode_address + end_of_code)
+    print_mu.emu_start(shellcode_address, shellcode_address + len(shellcode))
 
     assert (stack_address + 0x2000) == print_mu.reg_read(UC_MIPS_REG_29)
 
@@ -157,6 +155,4 @@ def test_print_is_pic(
         stack_address
     )
 
-    end_of_code = shellcode.find(string_to_print.encode())
-
-    print_mu.emu_start(shellcode_run_addr, shellcode_run_addr + end_of_code)
+    print_mu.emu_start(shellcode_run_addr, shellcode_run_addr + len(shellcode))