jory/upx
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

PE: fix comparison against a constant value

Browse Source 
... due to size always being assigned to right before this comparison,
and instead check against the RVA and size of the export directory
from the header. (note: this is still stricter than the Windows loader
which ignores all of these except the directory RVA, but if the name RVA
is invalid the PE was probably tampered with).
Change 'offset' to 'RVA' in exception message; this field is always an RVA

  Author:    Mattiwatti <mattiwatti@gmail.com>
	modified:   pefile.cpp
This commit is contained in:
Mattiwatti 2018-03-31 16:28:28 +02:00 committed by John Reiser
parent 563165e6ae
commit 2c2e108301
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/pefile.cpp
View File

@ -1111,9 +1111,9 @@ void PeFile::Export::convert(unsigned eoffs,unsigned esize)
size = sizeof(export_dir_t);
iv.add(eoffs,size);
if (getsize() <= (unsigned)edir.name) {
if (eoffs + esize <= (unsigned)edir.name) {
char msg[50]; snprintf(msg, sizeof(msg),
"bad export directory name offset %#x", (unsigned)edir.name);
"bad export directory name RVA %#x", (unsigned)edir.name);
throwInternalError(msg);
}
unsigned len = strlen(base + edir.name) + 1;