The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service via a crafted binary file, as demonstrated by the r_read_le32 function.