From 98b004eddad9389ccea2026c43952f56d70fdbcc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Trojnara?= <Michal.Trojnara@stunnel.org>
Date: Wed, 20 Dec 2023 11:16:06 +0100
Subject: [PATCH] Ignore garbage in PE sigpos/siglen

---
 pe.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/pe.c b/pe.c
index 103f639..9be0625 100644
--- a/pe.c
+++ b/pe.c
@@ -646,14 +646,11 @@ static PE_CTX *pe_ctx_get(char *indata, uint32_t filesize)
     siglen = GET_UINT32_LE(indata + header_size + 152 + pe32plus * 16 + 4);
     /* Since fix for MS Bulletin MS12-024 we can really assume
        that signature should be last part of file */
-    if ((sigpos > 0 && sigpos < filesize && sigpos + siglen != filesize)
-        || (sigpos >= filesize)) {
-        printf("Corrupt PE file - current signature not at the end of the file\n");
-        return NULL; /* FAILED */
-    }
-    if ((sigpos > 0 && siglen == 0) || (sigpos == 0 && siglen > 0)) {
-        printf("Corrupt signature\n");
-        return NULL; /* FAILED */
+    if ((sigpos != 0 || siglen != 0) &&
+            (sigpos == 0 || siglen == 0 || sigpos >= filesize || sigpos + siglen != filesize)) {
+        printf("Ignoring PE signature not at the end of the file\n");
+        sigpos = 0;
+        siglen = 0;
     }
     pe_ctx = OPENSSL_zalloc(sizeof(PE_CTX));
     pe_ctx->header_size = header_size;