mapped_malloc() uses labels starting with "*" for indirect allocations.
Those allocations require a fixed start address.
Only enter that path when the caller opted in with canbang. This keeps
ordinary mappings from following that path because of label text alone.
ab->baseaddr_direct_w = NULL;
ab->flags &= ~ABFLAG_MAPPED;
- if (ab->label && ab->label[0] == '*') {
+ if (canbang && ab->label && ab->label[0] == '*') {
if (ab->start == 0 || ab->start == 0xffffffff) {
write_log(_T("mapped_malloc(*) without start address!\n"));
return false;