From: Koichi Arakawa
Newsgroups: gmane.emacs.bugs
Subject: bug#20264: [PATCH] fix: w32_executable_type() causes a segmentation fault
Date: Mon, 06 Apr 2015 18:48:11 +0900 (Tokyo Standard Time)
Message-ID: <20150406.184811.1180773812210980075.arakawa@pp.iij4u.or.jp>
In-Reply-To: <83a8yllm54.fsf@gnu.org>
References: <20150406.122323.240448317693586769.arakawa@pp.iij4u.or.jp> <83a8yllm54.fsf@gnu.org>
To: eliz@gnu.org
Cc: 20264@debbugs.gnu.org
X-Mailer: Mew version 6.6 on Emacs 25.0.50 / Mule 6.0 (HANACHIRUSATO)
Xref: news.gmane.org gmane.emacs.bugs:101229

Eli Zaretskii wrote:

>>   for ( ; imports->Name; imports++)
>>     {
>>       char * dllname = RVA_TO_PTR (imports->Name, section,
>>                                    executable);
>>
>> +     if (imports->Name < base || dllname >= base + real_size)
>> +       break;
>> +
>
> Shouldn't that "break" be "continue" instead?  IOW, shouldn't we try
> all the other entries in the DLL import list?

I apologize for insufficient research.  The *illegal* dllname actually
points to another section.  So the previous patch is wrong and it should
be as follows.

diff --git a/src/w32proc.c b/src/w32proc.c
index 7d982f8..5ae55ff 100644
--- a/src/w32proc.c
+++ b/src/w32proc.c
@@ -1625,6 +1625,7 @@ w32_executable_type (char * filename,
   for ( ; imports->Name; imports++)
     {
+      section = rva_to_section (imports->Name, nt_header);
       char * dllname = RVA_TO_PTR (imports->Name, section,
                                    executable);

-- 
Koichi Arakawa
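Review bot: the bounds test in the quoted, since-withdrawn hunk, `+ if (imports->Name < base || dllname >= base + real_size)`, mixes two address spaces: `imports->Name` is an RVA (it is what RVA_TO_PTR translates) while `dllname` is the translated pointer, so whichever type `base` has, one of the two comparisons is made in the wrong space. A consistent check would compare `imports->Name` against the section's VirtualAddress and VirtualAddress + real_size; as written, a name RVA that legitimately lives in a different section fails the test, which matches what the reply goes on to report.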
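Review bot: the result of `section = rva_to_section (imports->Name, nt_header);` is passed straight to RVA_TO_PTR on the next line with no check; if rva_to_section returns NULL for an RVA that lies in no section (a truncated or deliberately malformed import table), that line dereferences NULL and w32_executable_type still crashes on bad input, which is the failure this bug is about. Suggest `if (section == NULL) continue;` (or `break`, per Eli's question) before the `char * dllname` line. Also, the assignment overwrites the `section` that was resolved for the import directory itself; if code after the loop still relies on that value, resolve the name's section into a separate local instead.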
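The point the reply makes, that an import's DLL name RVA can live in a different PE section from the import descriptors, so each RVA has to be resolved against its own section, is easiest to see on a constructed image. The following C program is an added example written for this page; it is not Emacs code and not the author's patch. It uses a stand-in struct for the IMAGE_SECTION_HEADER fields it needs, a hand-built 4 KiB "file" with an .rdata and an .idata section, and a plain array of name RVAs in place of IMAGE_IMPORT_DESCRIPTOR entries (all of these are constructed for the example). `offset_via_import_section` does the arithmetic RVA_TO_PTR does when handed the wrong section, `dll_name_at` resolves the section per RVA with bounds checks, and `classify_imports` walks the names the way w32_executable_type does, skipping entries that resolve to no section instead of dereferencing them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the IMAGE_SECTION_HEADER fields used below.  Constructed
   for this example; it is not the Windows SDK struct. */
typedef struct
{
  const char *name;
  uint32_t virtual_size;
  uint32_t virtual_address;
  uint32_t size_of_raw_data;
  uint32_t pointer_to_raw_data;
} section_hdr;

/* Constructed image: 4 KiB of file data and two sections.  The import
   directory lives in .idata; two of the three DLL names live in .rdata,
   i.e. in a different section from the import descriptors. */
enum { IMAGE_SIZE = 4096 };
static unsigned char image[IMAGE_SIZE];
static int image_built = 0;

static const section_hdr sections[] = {
  { ".rdata", 0x400, 0x2000, 0x400, 0x400 },
  { ".idata", 0x200, 0x3000, 0x200, 0x800 },
};
enum { NSECS = sizeof sections / sizeof sections[0] };

/* Name RVAs as an import walker would read them from the descriptors,
   kept as a zero-terminated array here.  0x5000 maps to no section. */
static const uint32_t import_name_rvas[] = { 0x2010, 0x5000, 0x2020, 0x3100, 0 };

/* Fill the constructed image with three import name strings. */
void
build_image (void)
{
  memset (image, 0, sizeof image);
  memcpy (image + 0x410, "KERNEL32.dll", 13);  /* RVA 0x2010, .rdata */
  memcpy (image + 0x420, "cygwin1.dll", 12);   /* RVA 0x2020, .rdata */
  memcpy (image + 0x900, "msys-2.0.dll", 13);  /* RVA 0x3100, .idata */
  image_built = 1;
}

/* Section whose virtual range contains RVA, or NULL if none.  The size
   is max (SizeOfRawData, VirtualSize), as some old linkers zero one. */
static const section_hdr *
rva_to_section (uint32_t rva)
{
  for (size_t i = 0; i < NSECS; i++)
    {
      const section_hdr *s = &sections[i];
      uint32_t real_size = s->size_of_raw_data > s->virtual_size
                           ? s->size_of_raw_data : s->virtual_size;
      if (rva >= s->virtual_address && rva < s->virtual_address + real_size)
        return s;
    }
  return NULL;
}

/* File offset of RVA relative to section S: the arithmetic RVA_TO_PTR
   does.  Only meaningful when S really contains RVA. */
static uint32_t
rva_to_file_offset (uint32_t rva, const section_hdr *s)
{
  return rva - s->virtual_address + s->pointer_to_raw_data;
}

/* The bug: translate a name RVA against the import directory's section
   (.idata) rather than its own.  For a name in .rdata the subtraction
   wraps and the offset lands far outside the file. */
uint32_t
offset_via_import_section (uint32_t name_rva)
{
  return rva_to_file_offset (name_rva, rva_to_section (0x3000));
}

/* Fixed, bounds-checked lookup: resolve the section per RVA and require
   the string to be NUL-terminated inside that section's raw data.
   Returns NULL for an RVA in no section or an unterminated string. */
const char *
dll_name_at (uint32_t rva)
{
  if (!image_built)
    build_image ();
  const section_hdr *s = rva_to_section (rva);
  if (s == NULL)
    return NULL;
  uint32_t off = rva_to_file_offset (rva, s);
  uint32_t end = s->pointer_to_raw_data + s->size_of_raw_data;
  if (end > IMAGE_SIZE)
    end = IMAGE_SIZE;
  for (uint32_t i = off; i < end; i++)
    if (image[i] == '\0')
      return (const char *) image + off;
  return NULL;
}

/* Walk the import names as w32_executable_type does, skipping entries
   that cannot be resolved.  1 = Cygwin app, 2 = MSYS app, 0 = neither. */
int
classify_imports (void)
{
  for (const uint32_t *p = import_name_rvas; *p; p++)
    {
      const char *name = dll_name_at (*p);
      if (name == NULL)
        continue;  /* malformed entry: skip it rather than dereference */
      if (strncmp (name, "cygwin", 6) == 0)
        return 1;
      if (strncmp (name, "msys-", 5) == 0)
        return 2;
    }
  return 0;
}

int
main (void)
{
  build_image ();
  printf ("name RVA 0x2010 via .idata -> offset 0x%x (file is %d bytes)\n",
          offset_via_import_section (0x2010), IMAGE_SIZE);
  printf ("name RVA 0x2010 via own section -> %s\n", dll_name_at (0x2010));
  printf ("classification: %d\n", classify_imports ());
  return 0;
}
```

Resolving 0x2010 against .idata yields 0xFFFFF810, well past the 4096-byte file, which is the out-of-bounds read behind the reported crash; resolving it against its own section gives offset 0x410 and the string "KERNEL32.dll". The walker then hits the unresolvable 0x5000 entry, skips it, and still finds "cygwin1.dll" at the next entry.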