
Commit 0c08c23

author
vdisasmdev
committed
* More checks for malformed relocation block.
1 parent 51f2f7f commit 0c08c23


3 files changed

+22
-6
lines changed


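--- a/PE.Common.pas
+++ b/PE.Common.pas
@@ -126,6 +126,7 @@ interface
 SCategoryResources = 'Resources';
 SCategoryImports = 'Imports';
 SCategoryTLS = 'TLS';
+SCategoryRelocs = 'Relocs';
 
 implementation
 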

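--- a/PE.Parser.Relocs.pas
+++ b/PE.Parser.Relocs.pas
@@ -46,11 +46,12 @@ function TPERelocParser.Parse: TParserResult;
 
 if not PE.SeekRVA(dir.VirtualAddress) then
 begin
-PE.Msg.Write('[Reloc Parser] Bad directory RVA (0x%x)', [dir.VirtualAddress]);
+PE.Msg.Write(SCategoryRelocs, 'Bad directory RVA (0x%x)', [dir.VirtualAddress]);
 exit(PR_ERROR);
 end;
 
 Ofs := 0;
+
 while (Ofs < dir.Size) do
 begin
 tmpRVA := PE.PositionRVA;
@@ -65,18 +66,27 @@ function TPERelocParser.Parse: TParserResult;
 break;
 
 inc(Ofs, SizeOf(block));
+
+if block.BlockSize < SizeOf(TBaseRelocationBlock) then
+begin
+PE.Msg.Write(SCategoryRelocs, 'Bad size of block (%d).', [block.BlockSize]);
+continue;
+end;
+
 blCnt := block.Count;
+
 for iBlock := 0 to blCnt - 1 do
 begin
 if (Ofs + SizeOf(entry)) > dir.Size then
 begin
-PE.Msg.Write('Relocation out of table. PageRVA:0x%x #:%d', [block.PageRVA, iBlock]);
-PE.Msg.Write('Skipping next relocs.');
+PE.Msg.Write(SCategoryRelocs, 'Relocation is out of table. PageRVA:0x%x #:%d', [block.PageRVA, iBlock]);
+PE.Msg.Write(SCategoryRelocs, 'Skipping next relocs.');
 exit(PR_OK);
 end;
 
 if not PE.ReadEx(@entry, SizeOf(entry)) then
 exit(PR_ERROR);
+
 inc(Ofs, SizeOf(entry));
 r_type := entry.GetType;
 r_ofs := entry.GetOffset;
@@ -85,7 +95,6 @@ function TPERelocParser.Parse: TParserResult;
 begin
 reloc.RVA := r_rva;
 reloc.&Type := r_type;
-// reloc.pos := Ofs;
 PE.Relocs.Put(reloc);
 end;
 end;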
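Review bot: After the new `block.BlockSize < SizeOf(TBaseRelocationBlock)` check the loop does `continue`, so the next 8 bytes are read as another block header even though a bad size means the parser no longer knows where the next block really starts. Anything recorded after that point may be relocations built from arbitrary bytes, and a crafted file can produce one 'Bad size of block' message per header up to `dir.Size`. I would stop parsing there, as the out-of-table branch already does, with `exit(PR_OK);` in place of `continue;`. The check also has no upper bound: comparing `block.BlockSize - SizeOf(block)` with the remaining `dir.Size - Ofs` would reject an oversized block up front instead of relying on the per-entry test. The body of `Parse` starts and ends outside these hunks, so the read of `block` itself is not visible here.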

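--- a/PE.Types.Relocations.pas
+++ b/PE.Types.Relocations.pas
@@ -3,6 +3,9 @@
 interface
 
 uses
+{$IFDEF DEBUG}
+System.SysUtils,
+{$ENDIF}
 System.Generics.Collections,
 PE.Common,
 gRBTree;
@@ -23,8 +26,7 @@ interface
 BlockSize: UInt32;
 
 // Get count of relocation elements (entries).
-function Count: integer; inline;
-
+function Count: integer; {$IFNDEF DEBUG} inline; {$ENDIF}
 // Check if this block's size:0 or rva:0.
 function IsEmpty: Boolean; inline;
 end;
@@ -84,6 +86,10 @@ implementation
 
 function TBaseRelocationBlock.Count: integer;
 begin
+{$IFDEF DEBUG}
+if BlockSize < SizeOf(TBaseRelocationBlock) then
+raise Exception.Create('Relocation block is too small.');
+{$ENDIF}
 result := (BlockSize - SizeOf(TBaseRelocationBlock)) div SizeOf(TBaseRelocationEntry);
 end;
 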
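Review bot: The size guard added to `TBaseRelocationBlock.Count` is compiled only under `{$IFDEF DEBUG}`, so a release build still evaluates `BlockSize - SizeOf(TBaseRelocationBlock)` for an undersized block and returns a meaningless count (negative or very large, depending on how the operands are widened). The parser now checks the size before calling `Count`, but `BlockSize` comes straight from the file and any other caller stays unprotected. I would make the guard unconditional and fail safe, for example `if BlockSize < SizeOf(TBaseRelocationBlock) then exit(0);`. That also removes the need for the conditional `System.SysUtils` entry in `uses` and for the conditional `inline` on the declaration.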
