From 6b5669825a1277315cadb9c5cfa0729fbb136d6a Mon Sep 17 00:00:00 2001
From: hal3002
Date: Sat, 13 Aug 2022 17:03:26 -0500
Subject: [PATCH] This should resolve #42. I noticed a similar issue and discovered that pm.name also includes the page permissions 'rw-p [stack]' instead of just ['stack']
---
 exploitable/lib/analyzers/x86.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/exploitable/lib/analyzers/x86.py b/exploitable/lib/analyzers/x86.py
index 4eb809f..fcc4fe7 100644
--- a/exploitable/lib/analyzers/x86.py
+++ b/exploitable/lib/analyzers/x86.py
@@ -100,7 +100,7 @@ def isErrorWhileExecutingFromStack(self):
 if self.isBenign():
 return False
 sect = self.target.procmaps().findByAddr(self.target.pc())
- if sect and sect.name == "[stack]": # maybe check threadstacks too?
+ if sect and "[stack]" in sect.name: # maybe check threadstacks too?
 return True
 return False
@@ -139,7 +139,7 @@ def isPossibleStackCorruption(self):
 return True
 pm = self.target.procmaps().findByAddr(self.target.stack_pointer())
- if not pm or pm.name != "[stack]":
+ if not pm or "[stack]" not in pm.name:
 return True
 return False
@@ -179,7 +179,7 @@ def isStackOverflow(self):
 # verify the stack pointer is outside the default stack region
 pm = self.target.procmaps().findByAddr(self.target.stack_pointer())
- if pm and pm.name == "[stack]":
+ if pm and "[stack]" in pm.name:
 return False
 return True
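Review bot: The substring test `"[stack]" in sect.name` on the added line matches any mapping whose name merely contains that text, including a file-backed mapping whose path is something like `/tmp/[stack]`, so a crash with pc inside a mapped file the target (or an attacker) named that way is classified as execution from the stack. The commit message says `name` arrives as `rw-p [stack]`, which suggests the procmaps parser is assigning the permission column into the name field; fixing the parser would let the exact comparison stand, and is the more robust route since the pathname column itself may contain spaces. If `name` has to keep that shape for now, compare its last whitespace-separated token rather than searching the whole string: `if sect and sect.name.split()[-1:] == ["[stack]"]:  # maybe check threadstacks too?`. The `def isErrorWhileExecutingFromStack` line is only the hunk header's context, so the function's signature lies outside the hunk.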
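Review bot: The check `if not pm or "[stack]" not in pm.name: return True` still reports corruption whenever the stack pointer is in a mapping not labelled `[stack]`, and on Linux only the main thread's stack carries that label while pthread stacks are unlabelled anonymous mappings, so a crash on a secondary thread in a multithreaded target is presumably flagged as possible stack corruption regardless of this patch. The commit does not address that, and the neighbouring `# maybe check threadstacks too?` comment in the first hunk suggests the author is aware of it; until thread stacks are identified, record the limitation at this line so triage results are read correctly: `# NOTE: only the main thread's stack is labelled "[stack]"; sp inside a pthread stack (unnamed anonymous mapping) is reported as corruption here`. The function's earlier branches begin before the hunk, which opens on the tail `return True` of one of them.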
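Review bot: With this hunk the same `"[stack]" in pm.name` test is now written out three times across the file with differing polarity (`in`, `not in`, `in`), so the next adjustment to how the default stack region is recognised — for example an exact field compare once the procmaps parser is corrected — has to be made in three places and is easy to apply inconsistently. A single predicate on the analyzer, following the file's camelCase method naming, would centralise it: `def _isMainStack(self, pm):` / `return bool(pm) and "[stack]" in pm.name`, with this site reduced to `if self._isMainStack(pm): return False`. The rest of isStackOverflow, including its signature, lies before the hunk.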