nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-05-20 10:24:29 -05:00
Code Issues Projects Releases Wiki Activity

Check the length of the attribute certificate entry

Browse Source
This commit is contained in:
olszomal 2023-05-25 14:59:28 +02:00 committed by Michał Trojnara
parent abbbfabdc7
commit c6990878c2
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pe.c
View File

@ -206,6 +206,12 @@ static int pe_check_file(FILE_FORMAT_CTX *ctx, int detached)
*/ */
while (sum < ctx->pe_ctx->siglen) { while (sum < ctx->pe_ctx->siglen) {
uint32_t len = GET_UINT32_LE(ctx->options->indata + ctx->pe_ctx->sigpos + sum); uint32_t len = GET_UINT32_LE(ctx->options->indata + ctx->pe_ctx->sigpos + sum);
if (ctx->pe_ctx->siglen - len > 8) {
printf("Corrupted attribute certificate table\n");
printf("Attribute certificate table size : %08X\n", ctx->pe_ctx->siglen);
printf("Attribute certificate entry length: %08X\n\n", len);
return 0; /* FAILED */
}
/* quadword align data */ /* quadword align data */
len += len % 8 ? 8 - len % 8 : 0; len += len % 8 ? 8 - len % 8 : 0;
sum += len; sum += len;