From 17f02339ed1be9e90738603fe3c95ae7dc300061 Mon Sep 17 00:00:00 2001 From: Ilya Okomin Date: Fri, 7 Oct 2022 16:52:08 -0400 Subject: [PATCH] pe: Fix image section entry-point validation Seen mokmanager image load failure '2 sections contain entry point' for shim built on Oracle Linux 9 aarch64. found_entry_point counter in handle_image() uses SizeOfRawData to calculate section boundary. PE spec defines VirtualSize for the total size of the section when loaded into memory. SizeOfRawData is the size of the section (for object files) or the size of the initialized data on disk. Fix this issue by updating section in-memory size limit to VirtualSize. Resolves: #517 Signed-off-by: Ilya Okomin --- pe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pe.c b/pe.c index f94530a20..9a3679e16 100644 --- a/pe.c +++ b/pe.c @@ -1259,7 +1259,7 @@ handle_image (void *data, unsigned int datasize, } if (Section->VirtualAddress <= context.EntryPoint && - (Section->VirtualAddress + Section->SizeOfRawData - 1) + (Section->VirtualAddress + Section->Misc.VirtualSize - 1) > context.EntryPoint) found_entry_point++;