[NTOS|MM]

Addendum to 68126. The loader should return STATUS_INVALID_IMAGE_PROTECT if e_lfanew is 0, or if the DOS stub appears too large due to a bad e_lfanew. (Note: All plain MZ executables have an invalid e_lfanew) svn path=/trunk/; revision=68127
2024-07-10 06:35:06 +00:00 · 2015-06-14 04:07:11 +00:00 · 2015-06-14 04:07:11 +00:00 · 7d7bef9d4a
parent 5c16c47c54
commit 7d7bef9d4a
1 changed files with 5 additions and 5 deletions
--- a/reactos/ntoskrnl/mm/section.c
+++ b/reactos/ntoskrnl/mm/section.c
@ -241,13 +241,13 @@ NTSTATUS NTAPI PeFmtCreateSection(IN CONST VOID * FileHeader,
    if(pidhDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
        DIE(("No MZ signature found, e_magic is %hX\n", pidhDosHeader->e_magic));

+    /* NT HEADER */
+    nStatus = STATUS_INVALID_IMAGE_PROTECT;
+
    /* not a Windows executable */
    if(pidhDosHeader->e_lfanew <= 0)
        DIE(("Not a Windows executable, e_lfanew is %d\n", pidhDosHeader->e_lfanew));

-    /* NT HEADER */
-    nStatus = STATUS_INVALID_IMAGE_FORMAT;
-
    if(!Intsafe_AddULong32(&cbFileHeaderOffsetSize, pidhDosHeader->e_lfanew, RTL_SIZEOF_THROUGH_FIELD(IMAGE_NT_HEADERS32, FileHeader)))
        DIE(("The DOS stub is too large, e_lfanew is %X\n", pidhDosHeader->e_lfanew));

@ -336,11 +336,11 @@ l_ReadHeaderFromFile:
        if(pinhNtHeader->Signature != IMAGE_NT_SIGNATURE)
            DIE(("The file isn't a PE executable, Signature is %X\n", pinhNtHeader->Signature));

-        nStatus = STATUS_INVALID_IMAGE_FORMAT;
-
        if(!Intsafe_AddULong32(&cbOptHeaderOffsetSize, pidhDosHeader->e_lfanew, FIELD_OFFSET(IMAGE_NT_HEADERS32, OptionalHeader)))
            DIE(("The DOS stub is too large, e_lfanew is %X\n", pidhDosHeader->e_lfanew));

+        nStatus = STATUS_INVALID_IMAGE_FORMAT;
+
        if(!Intsafe_AddULong32(&cbOptHeaderOffsetSize, cbOptHeaderOffsetSize, pinhNtHeader->FileHeader.SizeOfOptionalHeader))
            DIE(("The NT header is too large, SizeOfOptionalHeader is %X\n", pinhNtHeader->FileHeader.SizeOfOptionalHeader));