[1/6] imagehlp: Verify magic numbers and pad certificates to 8 byte boundaries
Alexandre Julliard
julliard at winehq.org
Thu Dec 3 04:42:19 CST 2009
Owen Rudge <orudge at codeweavers.com> writes:
> @@ -64,6 +64,10 @@ static BOOL IMAGEHLP_GetSecurityDirOffset( HANDLE handle,
> if( count != sizeof dos_hdr )
> return FALSE;
>
> + /* verify magic number of 'MZ' */
> + if( dos_hdr.e_magic != 0x5A4D )
> + return FALSE;
> +
> /* read the PE header */
> count = SetFilePointer( handle, dos_hdr.e_lfanew, NULL, FILE_BEGIN );
> if( count == INVALID_SET_FILE_POINTER )
> @@ -75,6 +79,10 @@ static BOOL IMAGEHLP_GetSecurityDirOffset( HANDLE handle,
> if( count != sizeof nt_hdr )
> return FALSE;
>
> + /* verify NT signature */
> + if( nt_hdr.Signature != IMAGE_NT_SIGNATURE )
> + return FALSE;
> +
> sd = &nt_hdr.OptionalHeader.
> DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
You also need to check the optional header magic to differentiate
between 32-bit and 64-bit PE files.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list