kernel32: Fix writing resource section as a last section in UpdateResource()
Nikolay Sivov
nsivov at codeweavers.com
Wed Jan 28 07:57:05 CST 2015
What happens here is that write_raw_resources() try to write outside of
mapping boundaries while moving existing sections higher up. Instead of
that we should just add a new section at the end.
This goes like this:
---
if (!sec->PointerToRawData) /* empty section */
{
sec->PointerToRawData = write_map->size + (-write_map->size) %
PeFileAlignment;
sec->SizeOfRawData = 0;
}
---
pointer is potentially outside of mapping already. Later when it's
checked if resource section is a last one:
---
BOOL rsrc_is_last = sec->PointerToRawData + sec->SizeOfRawData == old_size;
---
old_size equals to write_map->size at this point. A check fails and
memmove() is called with wrong pointer/length causing a page fault.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-kernel32-Fix-writing-resource-section-as-a-last-sect.patch
Type: text/x-patch
Size: 1213 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20150128/098e05ea/attachment.bin>
More information about the wine-patches
mailing list