Address a problem with invalid sections.

I've noticed this in one (otherwise valid) EFI image. What happens is the section specifies an invalid PointerToRawData, which the bounded buffer abstraction catches and returns NULL. However, the SizeOfRawData is still in the structure (and probably invalid too). I saw two ways to fix this. If sectionData ends up being NULL we can set SizeOfRawData to 0, but that would be truncating what is otherwise specified in the file. The other option is to teach dump-prog and pepy about this and adjust accordingly. This involves checking for a data being a NULL pointer in dump-prog when printing sections. In pepy it required roughly the same check. I went with option 2.
2025-05-07 09:09:33 +00:00 · 2015-01-04 22:20:07 -05:00 · 2015-01-04 22:20:07 -05:00 · 6d9bb17e3f
commit 6d9bb17e3f
parent c648905250
2 changed files with 21 additions and 2 deletions
--- a/dump-prog/dump.cpp
+++ b/dump-prog/dump.cpp
@ -110,7 +110,10 @@ int printSecs(void                  *N,
 {
  cout << "Sec Name: " << secName << endl;
  cout << "Sec Base: 0x" << to_string<uint64_t>(secBase, hex) << endl;
-  cout << "Sec Size: " << to_string<uint64_t>(data->bufLen, dec) << endl;
+  if (data)
+    cout << "Sec Size: " << to_string<uint64_t>(data->bufLen, dec) << endl;
+  else
+    cout << "Sec Size: 0" << endl;
  return 0;
 }

--- a/python/pepy.cpp
+++ b/python/pepy.cpp
@ -745,15 +745,31 @@ static PyObject *pepy_data_converter(bounded_buffer *data) {
 }

 int section_callback(void *cbd, VA base, std::string &name, image_section_header s, bounded_buffer *data) {
+	uint32_t buflen;
 	PyObject *sect;
 	PyObject *tuple;
 	PyObject *list = (PyObject *) cbd;

+	/*
+	 * I've seen some interesting binaries with a section where the
+	 * PointerToRawData and SizeOfRawData are invalid. The parser library
+	 * handles this by setting sectionData to NULL as returned by splitBuffer().
+	 * The sectionData (passed in to us as *data) is converted using
+	 * pepy_data_converter() which will return an empty string object.
+	 * However, we need to address the fact that we pass an invalid length
+	 * via data->bufLen.
+	 */
+	if (!data) {
+		buflen = 0;
+	} else {
+		buflen = data->bufLen;
+	}
+
 	/*
 	 * The tuple item order is important here. It is passed into the
 	 * section type initialization and parsed there.
 	 */
-	tuple = Py_BuildValue("sKKIIHHIO&", name.c_str(), base, data->bufLen,
+	tuple = Py_BuildValue("sKKIIHHIO&", name.c_str(), base, buflen,
 	                      s.VirtualAddress, s.Misc.VirtualSize,
 	                      s.NumberOfRelocations, s.NumberOfLinenumbers,
 	                      s.Characteristics, pepy_data_converter, data);