Rebase against 571462c633edbcc5dd6f2f8e56470470f27b0b07.

Sebastian Lackner
2015-07-31 01:42:04 +02:00
parent 493ed4662c
commit e21bed742a
8 changed files with 66 additions and 234 deletions


@@ -1,30 +0,0 @@
From e365fdbc966b3aab4dbfced4c651965cc8cd9c23 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Tue, 21 Jul 2015 20:33:47 +0200
Subject: ntdll: Validate SecurityCookie pointer before dereferencing.
---
dlls/ntdll/virtual.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index 479ca79..2fd8198 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1320,9 +1320,11 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
loadcfg = RtlImageDirectoryEntryToData( (HMODULE)ptr, TRUE,
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, &loadcfg_size );
- if (loadcfg &&
- loadcfg_size >= offsetof(IMAGE_LOAD_CONFIG_DIRECTORY, SecurityCookie) + sizeof(loadcfg->SecurityCookie))
+ if (loadcfg && loadcfg_size >= offsetof(IMAGE_LOAD_CONFIG_DIRECTORY, SecurityCookie) + sizeof(loadcfg->SecurityCookie) &&
+ (ULONG_PTR)ptr <= loadcfg->SecurityCookie && loadcfg->SecurityCookie <= (ULONG_PTR)ptr + total_size - sizeof(ULONG_PTR))
+ {
set_security_cookie((ULONG_PTR *)loadcfg->SecurityCookie);
+ }
/* set the image protections */
--
2.4.5


@@ -1,2 +0,0 @@
Fixes: Fix loading of libraries with incomplete IMAGE_LOAD_CONFIG_DIRECTORY struct
Fixes: [38949] Fix security cookie handling for UPX compressed executables