Skip to content

Commit

Permalink
pe: Fix image section entry-point validation
Browse files Browse the repository at this point in the history 
Seen mokmanager image load failure '2 sections contain entry point'
for shim built on Oracle Linux 9 aarch64. found_entry_point counter in
handle_image() uses SizeOfRawData to calculate section boundary.
PE spec defines VirtualSize for the total size of the section when loaded
into memory. SizeOfRawData is the size of the section (for object files)
or the size of the initialized data on disk.

Fix this issue by updating section in-memory size limit to VirtualSize.

Resolves: #517
Signed-off-by: Ilya Okomin <[email protected]>
  • Loading branch information
@iokomin @vathpela
iokomin authored and vathpela committed Nov 14, 2022
1 parent 0cf43ac commit 17f0233
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pe.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1259,7 +1259,7 @@ handle_image (void *data, unsigned int datasize,
}

if (Section->VirtualAddress <= context.EntryPoint &&
(Section->VirtualAddress + Section->SizeOfRawData - 1)
(Section->VirtualAddress + Section->Misc.VirtualSize - 1)
> context.EntryPoint)
found_entry_point++;

Expand Down

0 comments on commit 17f0233

Please sign in to comment.