CVEs-PoC/2020/CVE-2020-27795.md
2024-05-25 21:48:12 +02:00


### [CVE-2020-27795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27795)
![](https://img.shields.io/static/v1?label=Product&message=radare2&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Fixed%20in%20v4.4.0.%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%20-%20Use%20of%20Uninitialized%20Resource&color=brighgreen)
### Description
A segmentation fault was discovered in radare2 with the `adf` command. In `libr/core/cmd_anal.c`, when the `adf` command is given no argument or a wrong argument, `anal_fcn_data (core, input + 1)` executes `RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1);`, which returns a null pointer for `fcn`, causing a segmentation fault later in `ensure_fcn_range (fcn)`.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/Live-Hack-CVE/CVE-2020-27795