Fix a crash with a malformed PE header

Message ID 39b8efed-e23e-db20-4b28-332ceda2d8df@dronecode.org.uk
State New, archived

Commit Message

Jon Turney Jan. 3, 2020, 1:11 p.m. UTC
  On 02/01/2020 13:56, Eli Zaretskii wrote:
>> From: Jon Turney <jon.turney@dronecode.org.uk>
>> Cc: Jon Turney <jon.turney@dronecode.org.uk>
>> Date: Thu,  2 Jan 2020 12:54:05 +0000
>>
>> --- a/gdb/coff-pe-read.c
>> +++ b/gdb/coff-pe-read.c
>> @@ -441,6 +441,12 @@ read_pe_exported_syms (minimal_symbol_reader &reader,
>>   	}
>>       }
>>   
>> +  if (expptr == 0)
>> +    {
>> +      /* no section contains export table rva */
>> +      return;
>> +    }
>> +
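Review bot: The `expptr == 0` test uses 0 as the "no section matched" marker, which is only sound if expptr is initialised to 0 before the code that ends just above this hunk and a matching section can never produce 0 itself; neither is visible in these lines, so please confirm it or track the match with an explicit flag. The comment inside the block should also follow GNU style: a full sentence, capitalised, ending with a period.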
> 
> Thanks.  Would it make sense to produce some diagnostic output here,
> when an appropriate debug-FOO option is set?

Yes, I suppose that's better than just a comment.

How about the attached?
From b78ee5736d93d7fa3476a69cc11229c047f477ec Mon Sep 17 00:00:00 2001
From: Jon Turney <jon.turney@dronecode.org.uk>
Date: Thu, 2 Jan 2020 00:25:56 +0000
Subject: [PATCH] Fix a crash with a malformed PE header

Don't try to read the PE export table when no section contains the RVA
for it.

(I have a PE executable [1] packed with UPX, where the export table data
directory entry contains a RVA which doesn't correspond to any section.
Mistakenly trying to debug this with gdb makes it crash.)

[1] https://cygwin.com/setup/setup-2.898.x86_64.exe

2020-01-02  Jon Turney  <jon.turney@dronecode.org.uk>

	* coff-pe-read.c (read_pe_exported_syms): Don't try to read the
	export table if no section contains its RVA.
---
 gdb/ChangeLog      | 5 +++++
 gdb/coff-pe-read.c | 9 +++++++++
 2 files changed, 14 insertions(+)
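
The failure mode described in the commit message, as an added example that is not part of the patch or of GDB's code: resolving a data-directory RVA against the section table and reporting "not found" explicitly. It goes slightly beyond the patch by also checking the range length and the raw data size; the struct, function name and section table are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Section header fields needed here (struct and names are this example's own). */
struct pe_section {
  uint32_t vaddr;     /* VirtualAddress: RVA of the section start */
  uint32_t vsize;     /* VirtualSize */
  uint32_t raw_ptr;   /* PointerToRawData: file offset */
  uint32_t raw_size;  /* SizeOfRawData */
};

/* Map [rva, rva + len) to a file offset.  Returns false when no section
   backs the whole range, so failure cannot pass for a usable offset.  */
static bool rva_to_file_offset (const struct pe_section *s, size_t n,
                                uint32_t rva, uint32_t len, uint32_t *off)
{
  for (size_t i = 0; i < n; i++)
    {
      /* Assumption: only bytes present in both views are readable.  */
      uint32_t span = s[i].vsize < s[i].raw_size ? s[i].vsize : s[i].raw_size;
      if (rva < s[i].vaddr)
        continue;
      uint32_t delta = rva - s[i].vaddr;
      /* Subtraction form: rva + len could wrap around in 32 bits.  */
      if (delta >= span || len > span - delta)
        continue;
      if (s[i].raw_ptr > UINT32_MAX - delta)
        continue;
      *off = s[i].raw_ptr + delta;
      return true;
    }
  return false;
}

/* Constructed section table, loosely shaped like a packed image.  */
static const struct pe_section packed[] = {
  { 0x1000, 0x8000, 0x0000, 0x0000 },  /* no raw data on disk */
  { 0x9000, 0x4000, 0x0400, 0x4000 },
  { 0xd000, 0x1000, 0x4400, 0x0e00 },
};

int main (void)
{
  uint32_t off;
  if (!rva_to_file_offset (packed, 3, 0x20000, 40, &off))  /* constructed RVA */
    puts ("no section contains export RVA; skipping export table");
  return 0;
}
```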
  

Comments

Eli Zaretskii Jan. 3, 2020, 1:20 p.m. UTC | #1
> Cc: Eli Zaretskii <eliz@gnu.org>
> From: Jon Turney <jon.turney@dronecode.org.uk>
> Date: Fri, 3 Jan 2020 13:11:24 +0000
> 
> > Thanks.  Would it make sense to produce some diagnostic output here,
> > when an appropriate debug-FOO option is set?
> 
> Yes, I suppose that's better than just a comment.
> 
> How about the attached?

LGTM, but please wait for someone else to approve this formally.

Thanks.
  
Tom Tromey Jan. 3, 2020, 4:53 p.m. UTC | #2
>>>>> "Jon" == Jon Turney <jon.turney@dronecode.org.uk> writes:

Jon> 2020-01-02  Jon Turney  <jon.turney@dronecode.org.uk>

Jon> 	* coff-pe-read.c (read_pe_exported_syms): Don't try to read the
Jon> 	export table if no section contains its RVA.

Thanks.  This is ok.

Tom
  

Patch

diff --git a/gdb/coff-pe-read.c b/gdb/coff-pe-read.c
index b05357bb8b..926db57e58 100644
--- a/gdb/coff-pe-read.c
+++ b/gdb/coff-pe-read.c
@@ -441,6 +441,15 @@  read_pe_exported_syms (minimal_symbol_reader &reader,
 	}
     }
 
+  if (expptr == 0)
+    {
+      if (debug_coff_pe_read)
+	fprintf_unfiltered (gdb_stdlog, _("No section contains export RVA for "
+					  "dll \"%s\"\n"),
+			    dll_name);
+      return;
+    }
+
   export_rva = export_opthdrrva;
   export_size = export_opthdrsize;
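
Review bot: The debug message in the `debug_coff_pe_read` branch names only `dll_name`; it should also print the RVA that failed to match (the value in `export_opthdrrva`, which the context line below assigns to `export_rva` only after this check), since that is what lets a reader tell a packed or malformed header from a section-table parsing problem. Separately, with the debug flag off the function now returns with no exports and no indication to the user, so consider whether this case deserves a warning or complaint rather than debug-only output.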