nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-09 18:48:05 -05:00
Code Issues Projects Releases Wiki Activity

fixed MSI recursion loop detection

Browse Source
This commit is contained in:
Michał Trojnara 2022-02-22 18:56:20 +01:00
parent d471b51db5
commit 6eaf0d9368
1 changed files with 9 additions and 7 deletions

12
msi.c

@ -435,7 +435,7 @@ MSI_FILE *msi_file_new(char *buffer, uint32_t len)
/* Recursively create a tree of MSI_DIRENT structures */
int msi_dirent_new(MSI_FILE *msi, MSI_ENTRY *entry, MSI_DIRENT *parent, MSI_DIRENT *prev, MSI_DIRENT **ret)
{
MSI_DIRENT *dirent;
MSI_DIRENT *d, *dirent;
if (!entry) {
return 1; /* OK */
@ -444,15 +444,17 @@ int msi_dirent_new(MSI_FILE *msi, MSI_ENTRY *entry, MSI_DIRENT *parent, MSI_DIRE
printf("Corrupted Directory Entry Name Length\n");
return 0; /* FAILED */
}
/* detect loops in previously visited entries (parents, siblings) */
if (entry->childID != NOSTREAM) {
for (dirent = prev; dirent; dirent = dirent->prev) {
if (dirent->entry->childID == entry->childID) {
for (d = prev; d; d = d->prev) {
if ((entry->leftSiblingID != NOSTREAM && d->entry->leftSiblingID == entry->leftSiblingID)
|| (entry->rightSiblingID != NOSTREAM && d->entry->rightSiblingID == entry->rightSiblingID)
|| (entry->childID != NOSTREAM && d->entry->childID == entry->childID)) {
printf("Entry loop at ID: 0x%08X\n", entry->childID);
return 0; /* FAILED */
}
}
}
dirent = (MSI_DIRENT *)OPENSSL_malloc(sizeof(MSI_DIRENT));
memcpy(dirent->name, entry->name, entry->nameLen);
dirent->nameLen = entry->nameLen;