x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

DBG: some more improvements to safely reading the PE info

This commit is contained in:
Duncan Ogilvie 2019-01-22 00:31:01 +01:00
parent 6f60175506
commit ee411b0c30
No known key found for this signature in database
GPG Key ID: FC89E0AAA0C1AAD8
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/dbg/module.cpp
View File

@ -111,7 +111,8 @@ static void ReadExportDirectory(MODINFO & Info, ULONG_PTR FileMapVA)
auto addressOfNameOrdinalsOffset = rva2offset(exportDir->AddressOfNameOrdinals);
auto addressOfNameOrdinals = PWORD(addressOfNameOrdinalsOffset ? addressOfNameOrdinalsOffset + FileMapVA : 0);
Info.exports.reserve(exportDir->NumberOfFunctions);
// Do not reserve memory based on untrusted input
//Info.exports.reserve(exportDir->NumberOfFunctions);
Info.exportOrdinalBase = exportDir->Base;
// TODO: 'invalid address' below means an RVA that is obviously invalid, like being greater than SizeOfImage.
@ -624,7 +625,7 @@ static void ReadDebugDirectory(MODINFO & Info, ULONG_PTR FileMapVA)
}
}
static void GetUnsafeModuleInfoImpl(MODINFO & Info, ULONG_PTR FileMapVA, void(*func)(MODINFO &, ULONG_PTR), const char* name)
static bool GetUnsafeModuleInfoImpl(MODINFO & Info, ULONG_PTR FileMapVA, void(*func)(MODINFO &, ULONG_PTR), const char* name)
{
__try
{
@ -633,7 +634,9 @@ static void GetUnsafeModuleInfoImpl(MODINFO & Info, ULONG_PTR FileMapVA, void(*f
__except(EXCEPTION_EXECUTE_HANDLER)
{
dprintf(QT_TRANSLATE_NOOP("DBG", "Exception while getting module info (%s), please report...\n"), name);
return false;
}
return true;
}
void GetModuleInfo(MODINFO & Info, ULONG_PTR FileMapVA)
@ -694,8 +697,19 @@ void GetModuleInfo(MODINFO & Info, ULONG_PTR FileMapVA)
}
#define GetUnsafeModuleInfo(func) GetUnsafeModuleInfoImpl(Info, FileMapVA, func, #func)
GetUnsafeModuleInfo(ReadExportDirectory);
GetUnsafeModuleInfo(ReadImportDirectory);
if(!GetUnsafeModuleInfo(ReadExportDirectory))
{
Info.exports.clear();
Info.exportOrdinalBase = 0;
Info.exportsByName.clear();
Info.exportsByRva.clear();
}
if(!GetUnsafeModuleInfo(ReadImportDirectory))
{
Info.importModules.clear();
Info.imports.clear();
Info.importsByRva.clear();
}
GetUnsafeModuleInfo(ReadTlsCallbacks);
GetUnsafeModuleInfo(ReadBaseRelocationTable);
GetUnsafeModuleInfo(ReadDebugDirectory);