ChangeSet ID: 21002 CVSROOT: /opt/cvs-commit Module name: wine Changes by: julliard@winehq.org 2005/10/31 15:03:05
Modified files: server : mapping.c
Log message: Marcus Meissner marcus@jet.franken.de Do not overflow the stackbased "nt" struct when reading non-conforming PE files.
Patch: http://cvs.winehq.org/patch.py?id=21002
Old revision New revision Changes Path 1.58 1.59 +3 -3 wine/server/mapping.c
Index: wine/server/mapping.c diff -u -p wine/server/mapping.c:1.58 wine/server/mapping.c:1.59 --- wine/server/mapping.c 31 Oct 2005 21: 3: 5 -0000 +++ /dev/null 31 Oct 2005 21: 3: 5 -0000 @@ -206,7 +206,7 @@ static int get_image_params( struct mapp IMAGE_SECTION_HEADER *sec = NULL; struct fd *fd; off_t pos; - int unix_fd, size; + int unix_fd, size, toread;
/* load the headers */
@@ -225,8 +225,8 @@ static int get_image_params( struct mapp pos += sizeof(nt.FileHeader); /* zero out Optional header in the case it's not present or partial */ memset(&nt.OptionalHeader, 0, sizeof(nt.OptionalHeader)); - if (pread( unix_fd, &nt.OptionalHeader, nt.FileHeader.SizeOfOptionalHeader, - pos ) != nt.FileHeader.SizeOfOptionalHeader) goto error; + toread = min( sizeof(nt.OptionalHeader), nt.FileHeader.SizeOfOptionalHeader ); + if (pread( unix_fd, &nt.OptionalHeader, toread, pos ) != toread) goto error; pos += nt.FileHeader.SizeOfOptionalHeader;
/* load the section headers */