Browse code
typo in Upack
TODO:
- check consistency in elf parser
- remove hardcoded header size
- fix check for 1st sect rva
- ...
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2945 77e5149b-7576-45b1-b177-96237e5ba77b
aCaB authored on 2007/03/15 05:36:31Showing 1 changed files
| ... | ... |
@@ -1329,7 +1329,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
| 1329 | 1329 |
} |
| 1330 | 1330 |
} |
| 1331 | 1331 |
/* these are unsigned so if vaddr - off < 0, it should be ok */ |
| 1332 |
- if (exe_sections[1].rva - off > dsize || exe_sections[1].rva - off > dsize - exe_sections[1].ursz || (upack && exe_sections[2].rva - exe_sections[0].rva > dsize || exe_sections[2].rva - exe_sections[0].rva > dsize - ssize) || ssize > dsize) |
|
| 1332 |
+ if (exe_sections[1].rva - off > dsize || exe_sections[1].rva - off > dsize - exe_sections[1].ursz || (upack && (exe_sections[2].rva - exe_sections[0].rva > dsize || exe_sections[2].rva - exe_sections[0].rva > dsize - ssize)) || ssize > dsize) |
|
| 1333 | 1333 |
{
|
| 1334 | 1334 |
cli_dbgmsg("Upack: probably malformed pe-header, skipping to next unpacker\n");
|
| 1335 | 1335 |
goto skip_upack_and_go_to_next_unpacker; |
| ... | ... |
@@ -1354,7 +1354,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
| 1354 | 1354 |
|
| 1355 | 1355 |
lseek(desc, exe_sections[1].uraw, SEEK_SET); |
| 1356 | 1356 |
|
| 1357 |
- if(read(desc, dest + exe_sections[1].rva - off, exe_sections[1].uraw) != exe_sections[1].uraw) {
|
|
| 1357 |
+ if(read(desc, dest + exe_sections[1].rva - off, exe_sections[1].ursz) != exe_sections[1].ursz) {
|
|
| 1358 | 1358 |
cli_dbgmsg("Upack: Can't read raw data of section 1\n");
|
| 1359 | 1359 |
free(exe_sections); |
| 1360 | 1360 |
free(dest); |