Bug: DetourOpenBinary doesn't accept valid PEs because of incorrect limit on sections #268

Open
mikewintersjr opened this issue Dec 30, 2022 · 0 comments
Labels
bug Something isn't working

@mikewintersjr

Bug Description:
Detours allocates IMAGE_NUMBEROF_DIRECTORY_ENTRIES (i.e., 16) entries in the m_SectionHeaders array (https://github.com/microsoft/Detours/blob/master/src/image.cpp#L260). 16 is the correct limit for the DataDirectory[] member of the IMAGE_OPTIONAL_HEADERs. However, Microsoft documentation specifies that the Windows loader can accept up to 96 sections (https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#coff-file-header-object-and-image). I believe this discrepancy is a bug, and it is causing some real-world issues with DetourOpenBinary.

PEs compiled with mingw will contain DWARF sections unless the user strips the binary. In practice, there appear to be 8 DWARF sections included by mingw. For x64 binaries, there are also the .pdata and .xdata sections for exception information. On x64 PE binaries compiled with mingw gcc 7.3, there are 17 sections by default. As a result, when DetourOpenBinary is called, it fails in CImage::Read (https://github.com/microsoft/Detours/blob/master/src/image.cpp#L1088).

While stripping the DWARF sections from the binary is a workaround, I believe the appropriate solution is to bring the Detours sections limit in line with published Microsoft documentation and allow up to 96 sections. Looking through winnt.h there doesn't appear to be a good macro for this. Is anyone aware of an existing variable/macro that could be used for this instead of a magic number?

Command-line test case

C:\> x86_64-w64-mingw-gcc helloworld.c -o helloworld.exe
C:\> x86_64-w64-mingw-gcc -shared library.c -o library.dll
C:\> setdll64.exe /d:library.dll helloworld.exe
Adding library.dll to binary files.
  helloworld.exe:
DetourBinaryOpen failed: 192

C:\> x86_64-w64-mingw-strip helloworld.exe
C:\> setdll64.exe /d:library.dll helloworld.exe
Adding library.dll to binary files.
  helloworld.exe:
    library.dll
    KERNEL32.dll -> KERNEL32.dll

Detours version
Version 4.0.1 of Detours (734ac64)
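
The section-count mismatch described in this issue, as an added example that is not part of the original report or of the Detours source: a portable header check that reads NumberOfSections from a PE image and compares it with both limits. The constant and function names are hypothetical, the "more than 16 is rejected" comparison is an assumption based on the issue text, and the sample headers are constructed in memory.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical names; the values are the two limits discussed in the issue.
constexpr int kDetoursSectionSlots = 16;  // IMAGE_NUMBEROF_DIRECTORY_ENTRIES
constexpr int kLoaderMaxSections = 96;    // limit stated in the PE format documentation
enum class Verdict { Malformed, Ok, RejectedByDetours, RejectedByLoader };

static uint32_t rd_le(const uint8_t* p, int n) {  // little-endian read of n bytes
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; --i) v = (v << 8) | p[i];
    return v;
}

// Returns NumberOfSections from the COFF file header, or -1 if the headers are malformed.
int pe_section_count(const uint8_t* buf, size_t len) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    uint32_t off = rd_le(buf + 0x3C, 4);               // e_lfanew
    if (off > len || len - off < 24) return -1;        // signature (4) + COFF header (20)
    if (rd_le(buf + off, 4) != 0x00004550) return -1;  // "PE\0\0"
    return static_cast<int>(rd_le(buf + off + 6, 2));  // COFF offset 2: NumberOfSections
}

// Assumption: a count above the 16-entry array is what makes the open fail.
Verdict classify(int n) {
    if (n < 0) return Verdict::Malformed;
    if (n > kLoaderMaxSections) return Verdict::RejectedByLoader;
    return n > kDetoursSectionSlots ? Verdict::RejectedByDetours : Verdict::Ok;
}

Verdict check(const std::vector<uint8_t>& b) { return classify(pe_section_count(b.data(), b.size())); }

// Constructed sample: DOS stub plus PE signature and COFF header only, no section data.
std::vector<uint8_t> make_sample(uint16_t sections) {
    std::vector<uint8_t> b(0x80 + 24, 0);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x80;
    b[0x80] = 'P'; b[0x81] = 'E';
    b[0x84] = 0x64; b[0x85] = 0x86;  // Machine = AMD64
    b[0x86] = static_cast<uint8_t>(sections & 0xFF); b[0x87] = static_cast<uint8_t>(sections >> 8);
    return b;
}

int main() {
    const char* names[] = {"malformed", "ok", "over 16-entry limit", "over 96-section limit"};
    for (int n : {16, 17, 96, 97})
        std::printf("%d sections: %s\n", n, names[static_cast<int>(check(make_sample(static_cast<uint16_t>(n))))]);
    return 0;
}
```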
