Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-01-22 22:06:50 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

* Fixed bug in r_bin_pe resolving imports

Browse Source
This commit is contained in:
Nibble 2009-04-30 13:46:29 +02:00
parent 3e9714d3f9
commit 1ad245a1ee
1 changed files with 40 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
libr/bin/format/pe/pe.c
View File

@ -147,11 +147,27 @@ static int PE_(r_bin_pe_parse_imports)(PE_(r_bin_pe_obj) *bin, PE_(r_bin_pe_impo
{
char import_name[PE_NAME_LENGTH], name[PE_NAME_LENGTH];
PE_Word import_hint, import_ordinal;
PE_DWord import_table = 0;
PE_DWord import_table = 0, off = 0;
int i = 0;
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, OriginalFirstThunk), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_table) + sizeof(PE_Word), SEEK_SET);
read(bin->fd, name, PE_NAME_LENGTH);
if (IS_PRINTABLE(name[0]))
off = PE_(r_bin_pe_aux_rva_to_offset)(bin, OriginalFirstThunk);
else {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, FirstThunk), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_table) + sizeof(PE_Word), SEEK_SET);
read(bin->fd, name, PE_NAME_LENGTH);
if (IS_PRINTABLE(name[0]))
off = PE_(r_bin_pe_aux_rva_to_offset)(bin, FirstThunk);
else return 0;
}
do {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, OriginalFirstThunk) + i * sizeof(PE_DWord), SEEK_SET);
lseek(bin->fd, off + i * sizeof(PE_DWord), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
if (import_table & ILT_MASK1) {
@ -357,7 +373,8 @@ int PE_(r_bin_pe_get_imports_count)(PE_(r_bin_pe_obj) *bin)
{
PE_(image_import_directory) *import_dirp;
PE_(image_delay_import_directory) *delay_import_dirp;
PE_DWord import_table;
PE_DWord import_table, off = 0;
char name[PE_NAME_LENGTH];
int import_dirs_count = PE_(r_bin_pe_get_import_dirs_count)(bin);
int delay_import_dirs_count = PE_(r_bin_pe_get_delay_import_dirs_count)(bin);
int imports_count = 0, i, j;
@ -368,11 +385,27 @@ int PE_(r_bin_pe_get_imports_count)(PE_(r_bin_pe_obj) *bin)
import_dirp = bin->import_directory;
import_table = 0;
for (i = 0; i < import_dirs_count; i++, import_dirp++) {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_dirp->Characteristics), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_table) + sizeof(PE_Word), SEEK_SET);
read(bin->fd, name, PE_NAME_LENGTH);
if (IS_PRINTABLE(name[0]))
off = PE_(r_bin_pe_aux_rva_to_offset)(bin, import_dirp->Characteristics);
else {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_dirp->FirstThunk), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_table)+ sizeof(PE_Word), SEEK_SET);
read(bin->fd, name, PE_NAME_LENGTH);
if (IS_PRINTABLE(name[0]))
off = PE_(r_bin_pe_aux_rva_to_offset)(bin, import_dirp->FirstThunk);
else return 0;
}
j = 0;
do {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, import_dirp->Characteristics) + j * sizeof(PE_DWord), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
lseek(bin->fd, off + j * sizeof(PE_DWord), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
if (import_table) {
imports_count++;
j++;
@ -386,7 +419,7 @@ int PE_(r_bin_pe_get_imports_count)(PE_(r_bin_pe_obj) *bin)
j = 0;
do {
lseek(bin->fd, PE_(r_bin_pe_aux_rva_to_offset)(bin, delay_import_dirp->DelayImportNameTable) + j * sizeof(PE_DWord), SEEK_SET);
read(bin->fd, &import_table, sizeof(PE_DWord));
read(bin->fd, &import_table, sizeof(PE_DWord));
if (import_table) {
imports_count++;