Magic-Mirror/retdec
1
0
Fork 0
mirror of https://github.com/avast/retdec.git synced 2024-11-23 13:00:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #1166 from avast/dotnet-looping

Browse Source 
Fix .NET parser trying to read strings from String stream when out-of-bounds of the file
This commit is contained in:
HoundThe 2023-07-18 18:37:14 +02:00 committed by GitHub
commit f7e82bb6b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/fileformat/file_format/pe/pe_format.cpp
View File

@ -2593,6 +2593,13 @@ void PeFormat::parseStringStream(std::uint64_t baseAddress, std::uint64_t offset
while (currentOffset < size)
{
std::string string;
std::uint64_t c = 0;
auto successful_read = get1Byte(address + currentOffset, c, getEndianness());
// If the reading fails (OOB or other) don't continue and terminate
if (!successful_read)
{
break;
}
getNTBS(address + currentOffset, string);
stringStream->addString(currentOffset, string);
// +1 for null-terminator