mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx synced 2025-09-28 19:06:07 +08:00
Code Issues Releases Wiki Activity

PeFile: better checking for import descriptors

Browse Source 
modified:   pefile.cpp
This commit is contained in:
John Reiser 2017-11-08 12:38:54 -08:00
parent 5d9dcb634b
commit 58771ecca6
1 changed files with 28 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/pefile.cpp
View File

@ -555,37 +555,49 @@ void PeFile64::processRelocs() // pass1
//__packed_struct_end() //__packed_struct_end()
LE32& PeFile::IDSIZE(unsigned x) { LE32& PeFile::IDSIZE(unsigned x) {
if ((file_size - sizeof(import_desc)) < iddirs[x].size) { unsigned const z = iddirs[x].size + iddirs[x].vaddr;
char buf[52]; if (z < iddirs[x].size // wrap-around
snprintf(buf,sizeof(buf),"bad import[%d].size %#x", || file_size < z // overrun
(unsigned)x, (unsigned)iddirs[x].size); ) {
char buf[60];
snprintf(buf,sizeof(buf),"bad import[%d]{%#x, %#x}",
(unsigned)x, (unsigned)iddirs[x].vaddr, (unsigned)iddirs[x].size);
throwCantPack(buf); throwCantPack(buf);
} }
return iddirs[x].size; return iddirs[x].size;
} }
LE32& PeFile::IDADDR(unsigned x) { LE32& PeFile::IDADDR(unsigned x) {
if ((file_size - sizeof(import_desc)) < iddirs[x].vaddr) { unsigned const z = iddirs[x].size + iddirs[x].vaddr;
char buf[52]; if (z < iddirs[x].vaddr // wrap-around
snprintf(buf,sizeof(buf),"bad import[%d].vaddr %#x", || file_size < z // overrun
(unsigned)x, (unsigned)iddirs[x].vaddr); ) {
char buf[60];
snprintf(buf,sizeof(buf),"bad import[%d]{%#x, %#x}",
(unsigned)x, (unsigned)iddirs[x].vaddr, (unsigned)iddirs[x].size);
throwCantPack(buf); throwCantPack(buf);
} }
return iddirs[x].vaddr; return iddirs[x].vaddr;
} }
LE32& PeFile::ODSIZE(unsigned x) { LE32& PeFile::ODSIZE(unsigned x) {
if ((file_size - sizeof(import_desc)) < oddirs[x].size) { unsigned const z = oddirs[x].size + oddirs[x].vaddr;
char buf[52]; if (z < oddirs[x].size // wrap-around
snprintf(buf,sizeof(buf),"bad export[%d].size %#x", || file_size < z // overrun
(unsigned)x, (unsigned)oddirs[x].size); ) {
char buf[60];
snprintf(buf,sizeof(buf),"bad export[%d]{%#x, %#x}",
(unsigned)x, (unsigned)oddirs[x].vaddr, (unsigned)oddirs[x].size);
throwCantPack(buf); throwCantPack(buf);
} }
return oddirs[x].size; return oddirs[x].size;
} }
LE32& PeFile::ODADDR(unsigned x) { LE32& PeFile::ODADDR(unsigned x) {
if ((file_size - sizeof(import_desc)) < oddirs[x].vaddr) { unsigned const z = oddirs[x].size + oddirs[x].vaddr;
char buf[52]; if (z < oddirs[x].vaddr // wrap-around
snprintf(buf,sizeof(buf),"bad export[%d].vaddr %#x", || file_size < z // overrun
(unsigned)x, (unsigned)oddirs[x].vaddr); ) {
char buf[60];
snprintf(buf,sizeof(buf),"bad export[%d]{%#x, %#x}",
(unsigned)x, (unsigned)oddirs[x].vaddr, (unsigned)oddirs[x].size);
throwCantPack(buf); throwCantPack(buf);
} }
return oddirs[x].vaddr; return oddirs[x].vaddr;