From 22d49c5df50fe98027451f7c941827763ea6e503 Mon Sep 17 00:00:00 2001 From: Thomas Faber Date: Tue, 28 Apr 2015 07:07:57 +0000 Subject: [PATCH] [NTOS:MM] - Consistently return STATUS_INVALID_IMAGE_PROTECT from PeFmtCreateSection if the PE signature is missing. Patch by V. CORE-9618 #resolve svn path=/trunk/; revision=67464 --- reactos/ntoskrnl/mm/section.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/reactos/ntoskrnl/mm/section.c b/reactos/ntoskrnl/mm/section.c index fd2f037f78a..8f6ef47db56 100644 --- a/reactos/ntoskrnl/mm/section.c +++ b/reactos/ntoskrnl/mm/section.c @@ -330,12 +330,14 @@ l_ReadHeaderFromFile: { ULONG cbOptHeaderOffsetSize = 0; - nStatus = STATUS_INVALID_IMAGE_FORMAT; + nStatus = STATUS_INVALID_IMAGE_PROTECT; /* don't trust an invalid NT header */ if(pinhNtHeader->Signature != IMAGE_NT_SIGNATURE) DIE(("The file isn't a PE executable, Signature is %X\n", pinhNtHeader->Signature)); + nStatus = STATUS_INVALID_IMAGE_FORMAT; + if(!Intsafe_AddULong32(&cbOptHeaderOffsetSize, pidhDosHeader->e_lfanew, FIELD_OFFSET(IMAGE_NT_HEADERS32, OptionalHeader))) DIE(("The DOS stub is too large, e_lfanew is %X\n", pidhDosHeader->e_lfanew));