From 697714b379be40a4d5e88a000578e4dbb3f83664 Mon Sep 17 00:00:00 2001
From: William Woodruff
Date: Fri, 21 Sep 2018 11:06:08 -0400
Subject: [PATCH] parse: Limit resource table recursion to 3 levels (#77)
---
 pe-parser-library/src/parse.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/pe-parser-library/src/parse.cpp b/pe-parser-library/src/parse.cpp
index 540eb6f..acf7047 100644
--- a/pe-parser-library/src/parse.cpp
+++ b/pe-parser-library/src/parse.cpp
@@ -359,6 +359,15 @@ bool parse_resource_table(bounded_buffer *sectionData,
 }
 }
 }
+ else {
+ /* .rsrc can accomodate up to 2**31 levels, but Windows only uses 3 by convention.
+ * As such, any depth above 3 indicates potentially unchecked recusion.
+ * See: https://docs.microsoft.com/en-us/windows/desktop/debug/pe-format#the-rsrc-section
+ */
+
+ PE_ERR(PEERR_RESC);
+ return false;
+ }
 
 // High bit 0 = RVA to RDT.
 // High bit 1 = RVA to RDE.
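Review bot: The new `else` branch fails with the generic `PEERR_RESC` and `return false;`, so a caller cannot tell "resource tree deeper than three levels" from any other resource error. If that failure propagates up (the callers and the rest of `parse_resource_table` are outside this hunk), one over-deep directory makes the whole file unparseable. For a parser run on hostile samples, it may be safer to stop descending, keep the resources already collected and report the condition under a dedicated error code, because a file the analysis tool refuses to read is a visibility gap for the defender. The cap bounds depth only, so it is worth confirming that the entry loop above this hunk also bounds the per-directory entry counts and validates offsets. The comment should read `accommodate` and `recursion` rather than `accomodate` and `recusion`, and could state whether `depth` is zero-based so that "above 3" is unambiguous.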