:: commit a1d6f0d2a74aa72a72470423af9012236060976e
pe: Add file size check to prevent integer underflow
diff --git a/common/lib/pe.c b/common/lib/pe.c
index 6ed3d6ca..f14ec365 100644
--- a/common/lib/pe.c
+++ b/common/lib/pe.c
@@ -165,6 +165,10 @@ static void pe64_validate(uint8_t *image, size_t file_size) {
panic(true, "pe: Not a valid PE file");
}
+ if (file_size < sizeof(IMAGE_NT_HEADERS64)) {
+ panic(true, "pe: File too small for NT headers");
+ }
+
if (dos_hdr->e_lfanew > file_size - sizeof(IMAGE_NT_HEADERS64)) {
panic(true, "pe: e_lfanew offset out of bounds");
}
@@ -207,6 +211,10 @@ int pe_bits(uint8_t *image, size_t image_size) {
return -1;
}
+ if (image_size < sizeof(IMAGE_NT_HEADERS64)) {
+ return -1;
+ }
+
if ((size_t)dos_hdr->e_lfanew > image_size - sizeof(IMAGE_NT_HEADERS64)) {
return -1;
}
