Rex::Arch.adjust_stack_pointer supports only x86

[wvu]

Update it to support x64. I think it's fine to continue using Rex::Arch::X86 (there's no Rex::Arch::X64), since if you need more than 2^32 bytes of adjustment, you're gonna have a bad time.

  #
  # This routine adjusts the stack pointer for a given architecture.
  #
  def self.adjust_stack_pointer(arch, adjustment)


    if arch.is_a?(::Array)
      arch = arch[0]
    end


    case arch
      when /x86/
        Rex::Arch::X86.adjust_reg(Rex::Arch::X86::ESP, adjustment)
      else
        nil
    end
  end

#12377

[bcoles]

Was this a bug ? Was this issue closed by #12377 ?

[wvu]

Don't think so. Updated description.

[bcoles]

On a related note, adjust_stack_pointer is called only once in Framework (perhaps used elsewhere in other other libs), and features this:

    # Default to x86 if we can't find a list of architectures
    if arch && !arch.empty?
      arch = [arch].flatten.join(', ')
    else
      arch = 'x86'
    end

    Rex::Arch::adjust_stack_pointer(arch, adj) || ''

Rex::Arch::adjust_stack_pointer accepts an array - may as well give it one, rather than a comma separated string.

Edit: This may break the following case arch statement, as only the first element of the array is used, and the case performs a regular expression match on x86. This would work for a string containing multiple architectures, but not on an array. This seems like an oversight of the case statement. I'm also not sure how common it would be for multiple architectures to ever reach this method.

[wvu]

Great catch.