From 95dbfc03236bd9aa50fbd5136316797ec53d9a13 Mon Sep 17 00:00:00 2001
From: Fish
Date: Tue, 26 Mar 2024 15:26:44 -0700
Subject: [PATCH] load_value: Fix addr integer overflow. Close angr/angr#4533. (#383)

---
 pyvex_c/analysis.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/pyvex_c/analysis.c b/pyvex_c/analysis.c
index df9c8d86..459a0b38 100644
--- a/pyvex_c/analysis.c
+++ b/pyvex_c/analysis.c
@@ -446,12 +446,15 @@ Bool load_value(ULong addr, int size, int endness, void *value) {
 return False;
 }
 unsigned char* ptr = NULL;
- if (regions[pos].in_use && regions[pos].start <= addr &&
- regions[pos].start + regions[pos].size >= addr + size) {
+ if (regions[pos].in_use &&
+ regions[pos].start <= addr &&
+ regions[pos].start <= addr + size &&
+ regions[pos].start + regions[pos].size >= addr + size) {
 ptr = regions[pos].content + (addr - regions[pos].start);
 } else if (pos > 0 && regions[pos - 1].in_use &&
 regions[pos - 1].start <= addr &&
+ regions[pos - 1].start <= addr + size &&
 regions[pos - 1].start + regions[pos - 1].size >= addr + size) {
 ptr = regions[pos - 1].content + (addr - regions[pos - 1].start);
 } else {
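Review bot: The added `regions[pos].start <= addr + size` guard only catches a wrapped `addr + size` when the wrapped sum lands below the region's start, so for a region whose `start` is 0 (or any small value) a wrapped sum still satisfies every comparison and `ptr = regions[pos].content + (addr - regions[pos].start)` points far outside `content`; the same gap remains in the `pos - 1` branch. A range check that cannot wrap once `start <= addr` holds is `(ULong)size <= regions[pos].size && addr - regions[pos].start <= regions[pos].size - (ULong)size`, replacing both `addr + size` comparisons in each branch, which also avoids `start + size` overflowing for a region that ends at the top of the address space. `size` is an `int` in the signature, so if callers can pass a negative value this needs `size >= 0` in front of it; the types of `regions[].start` and `.size` are not visible in the hunk, so the cast is assumed to match them. The body of load_value continues past the end of the hunk.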