Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix crash on samples having corrupted PE header (#821) #827

Merged
merged 1 commit into from
Jul 29, 2020

Conversation

tamaroth
Copy link
Contributor

If a sample has corrupted PE header and as a result does not have any
sections, heuristic search for UPX packer will fail as it tries to
access the first section. To remedy this, we need to ensure the sections
exist before we access them.

Issue #821

Test added here

@tamaroth tamaroth requested a review from s3rvac July 29, 2020 09:54
@tamaroth tamaroth linked an issue Jul 29, 2020 that may be closed by this pull request
Copy link
Member

@s3rvac s3rvac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fix. I will run tests, just to be sure that everything builds and there is no unintentional side effect.

src/cpdetect/heuristics/pe_heuristics.cpp Outdated Show resolved Hide resolved
If a sample has corrupted PE header and as a result does not have any
sections, heuristic search for UPX packer will fail as it tries to
access the first section. To remedy this, we need to ensure the sections
exist before we access them.
@tamaroth tamaroth force-pushed the bug-upx-crash-821 branch from dd33aab to b35bf1c Compare July 29, 2020 13:10
@tamaroth tamaroth requested a review from s3rvac July 29, 2020 13:15
@s3rvac s3rvac changed the title Fix crash on samples having corrupted PE header. Fix crash on samples having corrupted PE header (#821) Jul 29, 2020
Copy link
Member

@s3rvac s3rvac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Tests are passing, so I am going to merge the PR.

@s3rvac s3rvac merged commit d00ce6f into master Jul 29, 2020
@s3rvac s3rvac deleted the bug-upx-crash-821 branch July 29, 2020 16:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

retdec-fileinfo crashes when detecting UPX
2 participants