Alexandre Julliard : ntdll: Add some sanity checks for invalid relocation blocks.

Alexandre Julliard julliard at winehq.org
Fri Jul 18 10:03:06 CDT 2008


Module: wine
Branch: stable
Commit: c1a8456d426673a88cee47b5ac0dbaf25302295c
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=c1a8456d426673a88cee47b5ac0dbaf25302295c

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Mon Jun 30 12:51:35 2008 +0200

ntdll: Add some sanity checks for invalid relocation blocks.
(cherry picked from commit 8e5f28127644344247056337a4eeca71f0e43322)

---

 dlls/ntdll/virtual.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index f14085d..ef97eb2 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1107,8 +1107,14 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
         rel = (IMAGE_BASE_RELOCATION *)(ptr + relocs->VirtualAddress);
         end = (IMAGE_BASE_RELOCATION *)(ptr + relocs->VirtualAddress + relocs->Size);
 
-        while (rel < end && rel->SizeOfBlock)
+        while (rel <= end - 1 && rel->SizeOfBlock)
         {
+            if (rel->VirtualAddress >= total_size)
+            {
+                WARN_(module)( "invalid address %p in relocation %p\n", ptr + rel->VirtualAddress, rel );
+                status = STATUS_ACCESS_VIOLATION;
+                goto error;
+            }
             rel = LdrProcessRelocationBlock( ptr + rel->VirtualAddress,
                                              (rel->SizeOfBlock - sizeof(*rel)) / sizeof(USHORT),
                                              (USHORT *)(rel + 1), delta );
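
Review bot: rel->SizeOfBlock is still used unchecked in the LdrProcessRelocationBlock call at the end of this hunk; only rel->VirtualAddress gets validated. A nonzero SizeOfBlock smaller than sizeof(*rel) makes `(rel->SizeOfBlock - sizeof(*rel)) / sizeof(USHORT)` wrap around in unsigned arithmetic and yields a huge entry count. A large SizeOfBlock can also run the entry array starting at `(USHORT *)(rel + 1)` past `end`, because the new `rel <= end - 1` condition only guarantees that the block header fits. Suggest taking the same STATUS_ACCESS_VIOLATION error path when rel->SizeOfBlock < sizeof(*rel) or when (char *)rel + rel->SizeOfBlock > (char *)end. A one-line comment on why the loop condition changed from `rel < end` to `rel <= end - 1` would also help the next reader.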



