mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx synced 2025-09-28 19:06:07 +08:00
Code Issues Releases Wiki Activity

Added stricter header check during unpacking.

Browse Source 
committer: mfx <mfx> 962126470 +0000
This commit is contained in:
Markus F.X.J. Oberhumer 2000-06-27 17:21:10 +00:00
parent 51b162f069
commit 87a1b66847
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/p_w32pe.cpp
View File

@ -113,6 +113,16 @@ const int *PackW32Pe::getFilters() const
} }
bool PackW32Pe::testUnpackVersion(int version) const
{
if (version != ph_version && ph_version != -1)
throwCantUnpack("program has been modified; run a virus checker!");
if (!canUnpackVersion(version))
throwCantUnpack("this program is packed with an obsolete version and cannot be unpacked");
return true;
}
/************************************************************************* /*************************************************************************
// util // util
**************************************************************************/ **************************************************************************/
@ -1434,11 +1444,11 @@ void PackW32Pe::pack(OutputFile *fo)
ih.flags |= RELOCS_STRIPPED; ih.flags |= RELOCS_STRIPPED;
if (memcmp(isection[0].name,"UPX",3) == 0) if (memcmp(isection[0].name,"UPX",3) == 0)
throwAlreadyPacked(); throwAlreadyPackedByUPX();
if (!opt->force && (IDSIZE(15) || ih.entry > isection[1].vaddr)) if (!opt->force && (IDSIZE(15) || ih.entry > isection[1].vaddr))
throwCantPack("file is possibly packed/protected (try --force)"); throwCantPack("file is possibly packed/protected (try --force)");
if (ih.entry && ih.entry < rvamin) if (ih.entry && ih.entry < rvamin)
throwCantPack("run a virus scanner on this file first"); throwCantPack("run a virus scanner on this file!");
if (!opt->force && ih.subsystem == 1) if (!opt->force && ih.subsystem == 1)
throwCantPack("subsystem `native' is not supported (try --force)"); throwCantPack("subsystem `native' is not supported (try --force)");
if (ih.filealign < 0x200) if (ih.filealign < 0x200)
@ -1515,7 +1525,7 @@ void PackW32Pe::pack(OutputFile *fo)
//fwrite(ibuf,1,usize,f1); //fwrite(ibuf,1,usize,f1);
//fclose(f1); //fclose(f1);
// some check for broken linkers - disable filter if neccessary // some checks for broken linkers - disable filter if neccessary
bool allow_filter = true; bool allow_filter = true;
if (ih.codebase == ih.database if (ih.codebase == ih.database
|| ih.codebase + ih.codesize > ih.imagesize || ih.codebase + ih.codesize > ih.imagesize
@ -1878,7 +1888,7 @@ void PackW32Pe::pack(OutputFile *fo)
// unpack // unpack
**************************************************************************/ **************************************************************************/
bool PackW32Pe::canUnpack() int PackW32Pe::canUnpack()
{ {
if (!readFileHeader()) if (!readFileHeader())
return false; return false;
@ -1887,10 +1897,18 @@ bool PackW32Pe::canUnpack()
isection = new pe_section_t[objs]; isection = new pe_section_t[objs];
fi->seek(pe_offset+sizeof(ih),SEEK_SET); fi->seek(pe_offset+sizeof(ih),SEEK_SET);
fi->readx(isection,sizeof(pe_section_t)*objs); fi->readx(isection,sizeof(pe_section_t)*objs);
if (ih.objects < 3 || memcmp(isection[0].name,"UPX",3)) if (ih.objects < 3)
return false; return -1;
return super::readPackHeader(1024, isection[1].rawdataptr - 64) // current version if (memcmp(isection[0].name,"UPX",3))
|| super::readPackHeader(1024, isection[2].rawdataptr); // old versions {
if (ih.objects == 3 && (IDSIZE(15) || ih.entry > isection[1].vaddr))
throwCantUnpack("file is possibly modified/hacked/protected; take care!");
return -1;
}
ph_format = getFormat();
bool b = readPackHeader(1024, isection[1].rawdataptr - 64) // current version
|| readPackHeader(1024, isection[2].rawdataptr); // old versions
return b ? 1 : -1;
} }