DBG: use PointerToRawData in debug directory if no RVA is present

2021-01-31 00:49:46 +01:00 · 2021-01-31 00:49:46 +01:00 · f49835b3bf
parent 5b43c22a64
commit f49835b3bf
1 changed files with 11 additions and 2 deletions
--- a/src/dbg/module.cpp
+++ b/src/dbg/module.cpp
@ -463,7 +463,11 @@ static void ReadDebugDirectory(MODINFO & Info, ULONG_PTR FileMapVA)
    const auto supported = [&Info](PIMAGE_DEBUG_DIRECTORY entry)
    {
        // Check for valid RVA
-        const auto offset = ModRvaToOffset(0, Info.headers, entry->AddressOfRawData);
+        ULONG_PTR offset = 0;
+        if(entry->AddressOfRawData)
+            offset = (ULONG_PTR)ModRvaToOffset(0, Info.headers, entry->AddressOfRawData);
+        else if(entry->PointerToRawData)
+            offset = entry->PointerToRawData;
        if(!offset)
            return false;

@ -556,7 +560,12 @@ static void ReadDebugDirectory(MODINFO & Info, ULONG_PTR FileMapVA)
    }

    // At this point we know the entry is a valid CV one
-    auto cvData = (unsigned char*)(FileMapVA + ModRvaToOffset(0, Info.headers, entry->AddressOfRawData));
+    ULONG_PTR offset = 0;
+    if(entry->AddressOfRawData)
+        offset = (ULONG_PTR)ModRvaToOffset(0, Info.headers, entry->AddressOfRawData);
+    else if(entry->PointerToRawData)
+        offset = entry->PointerToRawData;
+    auto cvData = (unsigned char*)(FileMapVA + offset);
    auto signature = *(DWORD*)cvData;
    if(signature == '01BN')
    {