[PATCH 1/4] server: All fields up to CheckSum are mandatory regardless of SizeOfOptionalHeader value.

Dmitry Timoshkov dmitry at baikal.ru
Wed May 6 02:15:54 CDT 2020


Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
---
 server/mapping.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/server/mapping.c b/server/mapping.c
index 6990a1913d..ea2cd55513 100644
--- a/server/mapping.c
+++ b/server/mapping.c
@@ -592,11 +592,12 @@ static unsigned int get_image_params( struct mapping *mapping, file_pos_t file_s
     mz_size = size;
     pos = mz.dos.e_lfanew;
 
+    /* zero out Optional header in the case it's not present or partial */
+    memset( &nt, 0, sizeof(nt) );
+
     size = pread( unix_fd, &nt, sizeof(nt), pos );
     if (size < sizeof(nt.Signature) + sizeof(nt.FileHeader)) return STATUS_INVALID_IMAGE_PROTECT;
-    /* zero out Optional header in the case it's not present or partial */
-    size = min( size, sizeof(nt.Signature) + sizeof(nt.FileHeader) + nt.FileHeader.SizeOfOptionalHeader );
-    if (size < sizeof(nt)) memset( (char *)&nt + size, 0, sizeof(nt) - size );
+
     if (nt.Signature != IMAGE_NT_SIGNATURE)
     {
         IMAGE_OS2_HEADER *os2 = (IMAGE_OS2_HEADER *)&nt;
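Review bot: The length test after `pread` does not reject a failed read. The declaration of `size` is outside the hunk, but for `int`, `ssize_t` or `size_t` the comparison with `sizeof(...)` is done unsigned, so a -1 return compares as a very large value and parsing continues on the zeroed `nt`. Since `pos` comes from the file's `e_lfanew` field (any earlier validation is outside the hunk), this case depends on file content; an explicit test such as `if (size == -1 || size < sizeof(nt.Signature) + sizeof(nt.FileHeader)) return STATUS_INVALID_IMAGE_PROTECT;` would close it. Separately, the relocated comment no longer matches the line below it, which now clears all of `nt`; something like `/* clear the whole header so the part a short read does not fill stays zero */` would fit. get_image_params starts and ends outside this hunk.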
@@ -609,6 +610,10 @@ static unsigned int get_image_params( struct mapping *mapping, file_pos_t file_s
     switch (nt.opt.hdr32.Magic)
     {
     case IMAGE_NT_OPTIONAL_HDR32_MAGIC:
+        /* All fields up to CheckSum are mandatory regardless of SizeOfOptionalHeader value */
+        size = max( nt.FileHeader.SizeOfOptionalHeader, offsetof(IMAGE_OPTIONAL_HEADER32, CheckSum) );
+        if (size < sizeof(nt.opt.hdr32)) memset( (char *)&nt.opt.hdr32 + size, 0, sizeof(nt.opt.hdr32) - size );
+
         switch (nt.FileHeader.Machine)
         {
         case IMAGE_FILE_MACHINE_I386:
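Review bot: Nothing in this case checks that the fields up to CheckSum were actually read from the file. `size` is overwritten here with the declared length, and the only earlier length test guarantees just Signature and FileHeader. A file that ends inside the optional header is therefore parsed with zeros from the earlier memset in fields the new comment calls mandatory. If truncated headers should be rejected instead, keep the `pread` count in its own variable (say `read_size`) and test it first, e.g. `if (read_size < sizeof(nt.Signature) + sizeof(nt.FileHeader) + offsetof(IMAGE_OPTIONAL_HEADER32, CheckSum)) return STATUS_INVALID_IMAGE_FORMAT;`. The HDR64 case in the next hunk needs the same test with `IMAGE_OPTIONAL_HEADER64`, and the switch continues outside this hunk.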
@@ -654,6 +659,10 @@ static unsigned int get_image_params( struct mapping *mapping, file_pos_t file_s
         break;
 
     case IMAGE_NT_OPTIONAL_HDR64_MAGIC:
+        /* All fields up to CheckSum are mandatory regardless of SizeOfOptionalHeader value */
+        size = max( nt.FileHeader.SizeOfOptionalHeader, offsetof(IMAGE_OPTIONAL_HEADER64, CheckSum) );
+        if (size < sizeof(nt.opt.hdr64)) memset( (char *)&nt.opt.hdr64 + size, 0, sizeof(nt.opt.hdr64) - size );
+
         if (!(cpu_mask & CPU_64BIT_MASK)) return STATUS_INVALID_IMAGE_WIN_64;
         switch (nt.FileHeader.Machine)
         {
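Review bot: These three added lines repeat the HDR32 block with only the structure type changed, so the two copies of the "mandatory up to CheckSum" rule can drift apart. A small file-local helper or macro taking the header pointer, its size and the CheckSum offset would keep the rule in one place. The trimming could also sit below the `cpu_mask` check, so that an image rejected with STATUS_INVALID_IMAGE_WIN_64 returns before the header is touched. The switch continues outside the hunk.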
-- 
2.26.2



