Do not overflow the stackbased "nt" struct when reading non-conforming

PE files.

Do not overflow the stackbased "nt" struct when reading non-conforming
4b811d93 · Marcus Meissner · Alexandre Julliard · 21883d79 · 4b811d93
Commit 4b811d93 authored Oct 31, 2005 by Marcus Meissner Committed by Alexandre Julliard Oct 31, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 3 deletions

mapping.c server/mapping.c +3 -3

No files found.
--- a/server/mapping.c
+++ b/server/mapping.c
@@ -206,7 +206,7 @@ static int get_image_params( struct mapping *mapping )
    IMAGE_SECTION_HEADER *sec = NULL;
    struct fd *fd;
    off_t pos;
-    int unix_fd, size;
+    int unix_fd, size, toread;

    /* load the headers */

@@ -225,8 +225,8 @@ static int get_image_params( struct mapping *mapping )
    pos += sizeof(nt.FileHeader);
    /* zero out Optional header in the case it's not present or partial */
    memset(&nt.OptionalHeader, 0, sizeof(nt.OptionalHeader));
-    if (pread( unix_fd, &nt.OptionalHeader, nt.FileHeader.SizeOfOptionalHeader,
-               pos ) != nt.FileHeader.SizeOfOptionalHeader) goto error;
+    toread = min( sizeof(nt.OptionalHeader), nt.FileHeader.SizeOfOptionalHeader );
+    if (pread( unix_fd, &nt.OptionalHeader, toread, pos ) != toread) goto error;
    pos += nt.FileHeader.SizeOfOptionalHeader;

    /* load the section headers */