From a9e46e9d37095026625c10c8831a81cbe8a2e5e1 Mon Sep 17 00:00:00 2001
From: pancake <pancake@nopcode.org>
Date: Sun, 5 Mar 2023 01:51:55 +0100
Subject: [PATCH] Move slow test, fix mz regression and unref in regitem

---
 libr/bin/p/bin_mz.c      |  4 ++--
 libr/reg/reg.c           |  6 ++++-
 test/db/cmd/slow         | 52 ++++++++++++++++++++++++++++++++++++++++
 test/db/formats/mz/unzip |  8 -------
 test/fuzz/fuzz_cmd.c     | 11 ++++++---
 5 files changed, 67 insertions(+), 14 deletions(-)

diff --git a/libr/bin/p/bin_mz.c b/libr/bin/p/bin_mz.c
index f6dc161b17..200e9d60ba 100644
--- a/libr/bin/p/bin_mz.c
+++ b/libr/bin/p/bin_mz.c
@@ -45,8 +45,8 @@ static bool knownHeaderBuffer(RBuffer *b, ut16 offset) {
 static bool checkEntrypointBuffer(RBuffer *b) {
 	st16 cs = r_buf_read_le16_at (b, 0x16);
 	ut16 ip = r_buf_read_le16_at (b, 0x14);
-	ut32 v = r_buf_read_le16_at (b, 0x08);
-	if ((st32)v < 4) {
+	ut16 v = r_buf_read_le16_at (b, 0x08);
+	if ((st16)v < 1) {
 		return false;
 	}
 	ut32 pa = ((v + cs) << 4) + ip;
diff --git a/libr/reg/reg.c b/libr/reg/reg.c
index 142a06717f..e7091c1c50 100644
--- a/libr/reg/reg.c
+++ b/libr/reg/reg.c
@@ -130,6 +130,10 @@ R_API int r_reg_type_by_name(const char *str) {
 	return -1;
 }
 
+static void r_reg_item_unref(RRegItem *item) {
+	r_unref (item);
+}
+
 R_API void r_reg_item_free(RRegItem *item) {
 	if (item) {
 		// TODO use unref here :?
@@ -369,7 +373,7 @@ R_API void r_reg_set_copy(RRegSet *d, RRegSet *s) {
 	RRegArena *a;
 	RListIter *iter;
 	d->pool = r_list_newf ((RListFree)r_reg_arena_free);
-	d->regs = r_list_newf ((RListFree)r_reg_item_free);
+	d->regs = r_list_newf ((RListFree)r_reg_item_unref);
 	r_list_foreach (s->pool, iter, a) {
 		RRegArena *na = r_reg_arena_clone (a);
 		r_list_append (d->pool, na);
diff --git a/test/db/cmd/slow b/test/db/cmd/slow
index 383ec9ab1d..2813428d5f 100644
--- a/test/db/cmd/slow
+++ b/test/db/cmd/slow
@@ -131136,3 +131136,55 @@ nth    paddr         size vaddr        vsize perm type name
 EOF
 EXPECT_ERR=
 RUN
+
+NAME=MZ: unzip.exe - open
+FILE=bins/mz/unzip.exe
+CMDS=<<EOF
+?e === aab
+e anal.hasnext=true
+?t aab
+aflc
+?e === aa+a2f
+af-*
+?t aa
+e anal.hasnext=false
+e anal.a2f=true
+aflc
+?e === aa-a2f
+af-*
+e anal.hasnext=false
+e anal.a2f=false
+?t aa
+aflc
+?e === aa+hasnext
+af-*
+e anal.hasnext=true
+?t aa
+aflc
+?e === aac+a2f+next
+af-*
+e anal.a2f=true
+e anal.hasnext=true
+?t aac
+aflc
+?e === aac-a2f+next
+af-*
+e anal.a2f=false
+e anal.hasnext=true
+?t aac
+aflc
+?e === aac-a2f-next
+af-*
+e anal.a2f=false
+e anal.hasnext=false
+?t aac
+aflc
+EOF
+EXPECT=<<EOF
+290
+EOF
+EXPECT_ERR=<<EOF
+290
+EOF
+RUN
+
diff --git a/test/db/formats/mz/unzip b/test/db/formats/mz/unzip
index 66e2ba10f7..32e910e83a 100644
--- a/test/db/formats/mz/unzip
+++ b/test/db/formats/mz/unzip
@@ -1,11 +1,3 @@
-NAME=MZ: unzip.exe - open
-FILE=bins/mz/unzip.exe
-ARGS=-A
-CMDS=q!
-EXPECT=<<EOF
-EOF
-RUN
-
 NAME=MZ: unzip.exe - entrypoint
 FILE=bins/mz/unzip.exe
 CMDS=s
diff --git a/test/fuzz/fuzz_cmd.c b/test/fuzz/fuzz_cmd.c
index 94e9a0c7f1..00d303427b 100644
--- a/test/fuzz/fuzz_cmd.c
+++ b/test/fuzz/fuzz_cmd.c
@@ -7,13 +7,18 @@ int LLVMFuzzerInitialize(int *lf_argc, char ***lf_argv) {
 
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
 	RCore *r = r_core_new();
+	if (Size < 1) {
+		return 0;
+	}
 
 	r_core_cmdf (r, "o malloc://%zu", Size);
 	r_io_write_at (r->io, 0, Data, Size);
 
-	char *cmd = r_str_ndup (Data, Size);
-	r_core_cmd0 (r, cmd);
-	free (cmd);
+	char *cmd = r_str_ndup ((const char *)Data, Size);
+	if (cmd) {
+		r_core_cmd_lines (r, cmd);
+		free (cmd);
+	}
 
 	r_core_free (r);
 	return 0;