diff options
Diffstat (limited to 'plugins/pe/pe-int.c')
-rw-r--r-- | plugins/pe/pe-int.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/plugins/pe/pe-int.c b/plugins/pe/pe-int.c index db09c15..4104ce1 100644 --- a/plugins/pe/pe-int.c +++ b/plugins/pe/pe-int.c @@ -27,7 +27,9 @@ #include <malloc.h> #include <string.h> +#include <i18n.h> #include <common/endianness.h> +#include <core/logs.h> @@ -145,7 +147,7 @@ bool read_pe_optional_header(const GPeFormat *format, vmpa2t *pos, image_optiona image_optional_header_32 *hdr32; /* Version 32 bits */ image_optional_header_64 *hdr64; /* Version 64 bits */ image_data_directory *directories; /* Répertoires à charger */ - uint32_t number_of_rva_and_sizes; /* Quantité de ces répertoires */ + uint32_t *number_of_rva_and_sizes; /* Quantité de ces répertoires */ uint32_t i; /* Boucle de parcours */ content = G_KNOWN_FORMAT(format)->content; @@ -194,7 +196,7 @@ bool read_pe_optional_header(const GPeFormat *format, vmpa2t *pos, image_optiona if (result) result = g_binary_content_read_u32(content, pos, SRE_LITTLE, &hdr32->number_of_rva_and_sizes); directories = hdr32->data_directory; - number_of_rva_and_sizes = hdr32->number_of_rva_and_sizes; + number_of_rva_and_sizes = &hdr32->number_of_rva_and_sizes; } else @@ -235,11 +237,21 @@ bool read_pe_optional_header(const GPeFormat *format, vmpa2t *pos, image_optiona if (result) result = g_binary_content_read_u32(content, pos, SRE_LITTLE, &hdr64->number_of_rva_and_sizes); directories = hdr64->data_directory; - number_of_rva_and_sizes = hdr64->number_of_rva_and_sizes; + number_of_rva_and_sizes = &hdr64->number_of_rva_and_sizes; } - for (i = 0; i < number_of_rva_and_sizes && result; i++) + if (result && *number_of_rva_and_sizes > IMAGE_NUMBEROF_DIRECTORY_ENTRIES) + { + log_variadic_message(LMT_BAD_BINARY, + _("Corrupted number of directories (%u); fixed!"), + *number_of_rva_and_sizes); + + *number_of_rva_and_sizes = IMAGE_NUMBEROF_DIRECTORY_ENTRIES; + + } + + for (i = 0; i < *number_of_rva_and_sizes && result; i++) { result = g_binary_content_read_u32(content, pos, SRE_LITTLE, &directories[i].virtual_address); if (result) result = g_binary_content_read_u32(content, pos, SRE_LITTLE, &directories[i].size); |