diff --git a/GleeBug/Static.Pe.cpp b/GleeBug/Static.Pe.cpp index d60dc23..d46b558 100644 --- a/GleeBug/Static.Pe.cpp +++ b/GleeBug/Static.Pe.cpp @@ -71,16 +71,18 @@ namespace GleeBug mDosNtOverlap = true; mOffset = newOffset; + mAfterDosData = readRegion(0); } else { //read & verify the data between the DOS header and the NT headers auto afterDosCount = newOffset - mOffset; mAfterDosData = readRegion(afterDosCount); - if (!mAfterDosData) - return ErrorAfterDosHeaderData; } + if (!mAfterDosData) + return ErrorAfterDosHeaderData; + //read & verify the signature auto signature = readRegion(); if (!signature) @@ -156,8 +158,13 @@ namespace GleeBug return ErrorNtFileHeaderSizeOfOptionalHeaderOverlap; //read data after the optional header (TODO: check if this is even possible) - uint32 afterOptionalCount = sizeOfIoh > realSizeOfIoh ? sizeOfIoh - realSizeOfIoh : 0; - mAfterOptionalData = readRegion(afterOptionalCount); + uint32 afterOptionalSize = realSizeOfIoh < sizeOfIoh ? sizeOfIoh - realSizeOfIoh : 0; + mAfterOptionalData = readRegion(afterOptionalSize); + if (!mAfterOptionalData) + { + printf("realSizeOfIoh: %u, sizeOfIoh: %u, afterOptionalSize: %u\n", realSizeOfIoh, sizeOfIoh, afterOptionalSize); + return ErrorAfterOptionalHeaderDataRead; + } //read the section headers mSectionHeaders = readRegion(numberOfSections); @@ -201,8 +208,10 @@ namespace GleeBug //get after section headers data auto firstRawAddress = sortedHeaders[0].header.PointerToRawData; - if (mOffset < firstRawAddress) - mAfterSectionHeadersData = readRegion(firstRawAddress - mOffset); + auto afterDataSize = mOffset < firstRawAddress ? firstRawAddress - mOffset : 0; + mAfterSectionHeadersData = readRegion(afterDataSize); + if (!mAfterSectionHeadersData) + return ErrorAfterSectionHeadersDataRead; //read the actual section data. for (auto & section : sortedHeaders) @@ -236,6 +245,8 @@ namespace GleeBug uint32 Pe::readData(uint32 size) { + if (!size) + return mOffset; std::vector temp(size); if (!mFile.Read(mOffset, temp.data(), size)) @@ -264,8 +275,10 @@ namespace GleeBug mErrorMap.insert({ ErrorNtFileHeaderUnsupportedMachineNtHeadersRegionSize, "ErrorNtFileHeaderUnsupportedMachineNtHeadersRegionSize" }); mErrorMap.insert({ ErrorNtOptionalHeaderRead, "ErrorNtOptionalHeaderRead" }); mErrorMap.insert({ ErrorNtOptionalHeaderMagic, "ErrorNtOptionalHeaderMagic" }); + mErrorMap.insert({ ErrorAfterOptionalHeaderDataRead, "ErrorAfterOptionalHeaderDataRead" }); mErrorMap.insert({ ErrorNtHeadersRegionSize, "ErrorNtHeadersRegionSize" }); mErrorMap.insert({ ErrorSectionHeadersRead, "ErrorSectionHeadersRead" }); + mErrorMap.insert({ ErrorAfterSectionHeadersDataRead, "ErrorAfterSectionHeadersDataRead" }); mErrorMap.insert({ ErrorBeforeSectionDataRead, "ErrorBeforeSectionDataRead" }); mErrorMap.insert({ ErrorSectionDataRead, "ErrorSectionDataRead" }); } diff --git a/GleeBug/Static.Pe.h b/GleeBug/Static.Pe.h index eb49408..2aaad1c 100644 --- a/GleeBug/Static.Pe.h +++ b/GleeBug/Static.Pe.h @@ -27,8 +27,10 @@ namespace GleeBug ErrorNtFileHeaderUnsupportedMachineNtHeadersRegionSize, ErrorNtOptionalHeaderRead, ErrorNtOptionalHeaderMagic, + ErrorAfterOptionalHeaderDataRead, ErrorNtHeadersRegionSize, ErrorSectionHeadersRead, + ErrorAfterSectionHeadersDataRead, ErrorBeforeSectionDataRead, ErrorSectionDataRead }; diff --git a/MyDebugger/main.cpp b/MyDebugger/main.cpp index 941b9a5..dc58a54 100644 --- a/MyDebugger/main.cpp +++ b/MyDebugger/main.cpp @@ -149,7 +149,7 @@ static void testCorkami() int main() { - testPeFile(L"C:\\test64.exe"); + //testPeFile(L"C:\\test64.exe"); testCorkami(); puts(""); system("pause");