gsrlabs/go
1
0
Fork 0
mirror of https://github.com/golang/go.git synced 2026-02-02 17:05:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

debug/pe: avoid panic in File.ImportedSymbols

Browse Source 
This change skips symbols where dt.OriginalFirstThunk is less than
ds.VirtualAddress.

The variable types are uint32, and
(dt.OriginalFirstThunk-ds.VirtualAddress) becomes very large number when
dt.OriginalFirstThunk < ds.VirtualAddress.

Fixes #73548.
Fixes #76721.
Fixes #76724.

Change-Id: I72908bd0896003423aeb754fa0b6c72d452cdb4e
Reviewed-on: https://go-review.googlesource.com/c/go/+/684495
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
This commit is contained in:
Alex Brainman
2025-06-24 15:18:28 +10:00
parent 91435be153
commit 2cd0371a0a
1 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/debug/pe/file.go
View File

@@ -379,7 +379,11 @@ func (f *File) ImportedSymbols() ([]string, error) {
}
// seek to the virtual address specified in the import data directory
d = d[idd.VirtualAddress-ds.VirtualAddress:]
seek := idd.VirtualAddress - ds.VirtualAddress
if seek >= uint32(len(d)) {
return nil, errors.New("optional header data directory virtual size doesn't fit within data seek")
}
d = d[seek:]
// start decoding the import directory
var ida []ImportDirectory
@@ -408,9 +412,16 @@ func (f *File) ImportedSymbols() ([]string, error) {
dt.dll, _ = getString(names, int(dt.Name-ds.VirtualAddress))
d, _ = ds.Data()
// seek to OriginalFirstThunk
d = d[dt.OriginalFirstThunk-ds.VirtualAddress:]
seek := dt.OriginalFirstThunk - ds.VirtualAddress
if seek >= uint32(len(d)) {
return nil, errors.New("import directory original first thunk doesn't fit within data seek")
}
d = d[seek:]
for len(d) > 0 {
if pe64 { // 64bit
if len(d) < 8 {
return nil, errors.New("thunk parsing needs at least 8-bytes")
}
va := binary.LittleEndian.Uint64(d[0:8])
d = d[8:]
if va == 0 {
@@ -423,6 +434,9 @@ func (f *File) ImportedSymbols() ([]string, error) {
all = append(all, fn+":"+dt.dll)
}
} else { // 32bit
if len(d) <= 4 {
return nil, errors.New("thunk parsing needs at least 5-bytes")
}
va := binary.LittleEndian.Uint32(d[0:4])
d = d[4:]
if va == 0 {