GNU bug report logs - #20264
[PATCH] fix: w32_executable_type() causes a segmentation fault


Package: emacs;

Reported by: Koichi Arakawa <arakawa <at> pp.iij4u.or.jp>

Date: Mon, 6 Apr 2015 03:25:02 UTC

Severity: normal

Tags: patch

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.


From: Koichi Arakawa <arakawa <at> pp.iij4u.or.jp>
To: eliz <at> gnu.org
Cc: 20264 <at> debbugs.gnu.org
Subject: bug#20264: [PATCH] fix: w32_executable_type() causes a segmentation fault
Date: Mon, 06 Apr 2015 18:48:11 +0900
 (Tokyo (Standard Time))
Eli Zaretskii <eliz <at> gnu.org> wrote:
>>                for ( ; imports->Name; imports++)
>>                  {
>>                    char * dllname = RVA_TO_PTR (imports->Name, section,
>>                                                 executable);
>>  
>> +                  if (imports->Name < base || dllname >= base + real_size)
>> +                    break;
>> +
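Review bot: The two halves of the added `if` test different quantities: the lower bound compares imports->Name, the RVA passed to RVA_TO_PTR, against base, while the upper bound compares dllname, the pointer computed from it. Both should test dllname (dllname < base || dllname >= base + real_size). The test also covers only the first byte of the name, so a name that begins just below base + real_size with no terminating NUL before that limit would still be read past it; bound the scan for the terminator by the bytes remaining.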
> 
> Shouldn't that "break" be "continue" instead?  IOW, shouldn't we try
> all the other entries in the DLL import list?

I apologize for the insufficient research. The *illegal* dllname actually
points to another section. So the previous patch is wrong and it
should be as follows.

diff --git a/src/w32proc.c b/src/w32proc.c
index 7d982f8..5ae55ff 100644
--- a/src/w32proc.c
+++ b/src/w32proc.c
@@ -1625,6 +1625,7 @@ w32_executable_type (char * filename,
 
               for ( ; imports->Name; imports++)
                 {
+                  section = rva_to_section (imports->Name, nt_header);
                   char * dllname = RVA_TO_PTR (imports->Name, section,
                                                executable);
 
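Review bot: The result of rva_to_section on the added line goes straight into RVA_TO_PTR with no check. imports->Name is read from the file being examined, so an RVA that falls inside no section leaves the lookup with nothing valid to return; test section for failure and skip or stop before computing dllname. The earlier version's upper bound against base + real_size has also been dropped, and dllname is still worth bounding to the mapped file before it is read as a string. As a style point, the assignment now precedes the declaration of dllname inside the block; declare dllname first and assign it after the lookup.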
-- 
Koichi Arakawa
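
The message above explains that the import name's RVA can point into a different section than the import directory itself. The following added example (not Emacs code and not part of the original message) resolves an RVA by looking the section up per RVA and bounding the resulting string to the file; `struct sec`, `stale_offset`, `find_section`, `rva_to_string` and the 48-byte image are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed, simplified stand-in for a PE section header. */
struct sec { uint32_t va, vsize, raw_off, raw_size; };

/* Constructed 48-byte file: .idata at RVA 0x1000 (file offset 0x10),
   .rdata at RVA 0x2000 (file offset 0x20) holding the DLL name.  */
const struct sec secs[] = { { 0x1000, 0x10, 0x10, 0x10 },
                            { 0x2000, 0x10, 0x20, 0x10 } };
const unsigned char image[48] = {
  [0x20] = 'K','E','R','N','E','L','3','2','.','d','l','l', 0 };

/* File offset obtained when one fixed section is reused for every RVA. */
uint32_t stale_offset (uint32_t rva, const struct sec *s)
{ return rva - s->va + s->raw_off; }

/* Section whose virtual range contains rva, or NULL if none does. */
const struct sec *find_section (uint32_t rva)
{
  for (size_t i = 0; i < sizeof secs / sizeof secs[0]; i++)
    if (rva >= secs[i].va && rva - secs[i].va < secs[i].vsize)
      return &secs[i];
  return NULL;
}

/* Resolve rva to a NUL-terminated string lying wholly inside
   file[0..size), looking the section up per RVA.  NULL on failure.  */
const char *rva_to_string (uint32_t rva, const unsigned char *file, size_t size)
{
  const struct sec *s = find_section (rva);
  if (!s) return NULL;                       /* RVA is in no section */
  uint32_t delta = rva - s->va;
  if (delta >= s->raw_size || s->raw_off >= size
      || s->raw_size > size - s->raw_off)
    return NULL;                             /* not backed by file bytes */
  const unsigned char *p = file + s->raw_off + delta;
  if (!memchr (p, 0, s->raw_size - delta))
    return NULL;                             /* unterminated in section */
  return (const char *) p;
}

int main (void)
{
  printf ("stale offset: %#x\n", (unsigned) stale_offset (0x2000, &secs[0]));
  const char *name = rva_to_string (0x2000, image, sizeof image);
  printf ("per-RVA lookup: %s\n", name ? name : "(rejected)");
  return 0;
}
```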





This bug report was last modified 10 years and 106 days ago.
