DBG: fixed some possible buffer overflows in dbghelp + fixed condition to copy the original name in the label buffer

2014-11-08 20:44:22 +01:00 · 2014-11-08 20:44:22 +01:00 · bdda41563c
parent 7bb177a2b4
commit bdda41563c
2 changed files with 7 additions and 7 deletions
--- a/x64_dbg_dbg/_exports.cpp
+++ b/x64_dbg_dbg/_exports.cpp
@ -101,14 +101,14 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
        else //no user labels
        {
            DWORD64 displacement = 0;
-            char buffer[sizeof(SYMBOL_INFO) + MAX_LABEL_SIZE * sizeof(char)];
+            char buffer[sizeof(SYMBOL_INFO) + MAX_SYM_NAME * sizeof(char)];
            PSYMBOL_INFO pSymbol = (PSYMBOL_INFO)buffer;
            pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
            pSymbol->MaxNameLen = MAX_LABEL_SIZE;
            if(SymFromAddr(fdProcessInfo->hProcess, (DWORD64)addr, &displacement, pSymbol) and !displacement)
            {
                pSymbol->Name[pSymbol->MaxNameLen - 1] = '\0';
-                if(bUndecorateSymbolNames and !UnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
+                if(!bUndecorateSymbolNames or !UnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
                    strcpy_s(addrinfo->label, pSymbol->Name);
                retval = true;
            }
@ -124,7 +124,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
                        if(SymFromAddr(fdProcessInfo->hProcess, (DWORD64)val, &displacement, pSymbol) and !displacement)
                        {
                            pSymbol->Name[pSymbol->MaxNameLen - 1] = '\0';
-                            if(bUndecorateSymbolNames and !UnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
+                            if(!bUndecorateSymbolNames or !UnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
                                sprintf_s(addrinfo->label, "JMP.&%s", pSymbol->Name);
                            retval = true;
                        }
--- a/x64_dbg_dbg/symbolinfo.cpp
+++ b/x64_dbg_dbg/symbolinfo.cpp
@ -128,10 +128,10 @@ bool symfromname(const char* name, uint* addr)
 {
    if(!name or !strlen(name) or !addr or !_strnicmp(name, "ordinal", 7)) //skip 'OrdinalXXX'
        return false;
-    char buffer[sizeof(SYMBOL_INFO) + MAX_LABEL_SIZE * sizeof(char)];
+    char buffer[sizeof(SYMBOL_INFO) + MAX_SYM_NAME * sizeof(char)];
    PSYMBOL_INFO pSymbol = (PSYMBOL_INFO)buffer;
    pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
-    pSymbol->MaxNameLen = MAX_LABEL_SIZE - 1;
+    pSymbol->MaxNameLen = MAX_LABEL_SIZE;
    if(!SymFromName(fdProcessInfo->hProcess, name, pSymbol))
        return false;
    *addr = (uint)pSymbol->Address;
@ -149,14 +149,14 @@ const char* symgetsymbolicname(uint addr)
    else //no user labels
    {
        DWORD64 displacement = 0;
-        char buffer[sizeof(SYMBOL_INFO) + MAX_LABEL_SIZE * sizeof(char)];
+        char buffer[sizeof(SYMBOL_INFO) + MAX_SYM_NAME * sizeof(char)];
        PSYMBOL_INFO pSymbol = (PSYMBOL_INFO)buffer;
        pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
        pSymbol->MaxNameLen = MAX_LABEL_SIZE;
        if(SymFromAddr(fdProcessInfo->hProcess, (DWORD64)addr, &displacement, pSymbol) and !displacement)
        {
            pSymbol->Name[pSymbol->MaxNameLen - 1] = '\0';
-            if(bUndecorateSymbolNames and !UnDecorateSymbolName(pSymbol->Name, label, MAX_SYM_NAME, UNDNAME_COMPLETE))
+            if(!bUndecorateSymbolNames or !UnDecorateSymbolName(pSymbol->Name, label, MAX_SYM_NAME, UNDNAME_COMPLETE))
                strcpy_s(label, pSymbol->Name);
            retval = true;
        }