Fix potential integer overflow #182

Merged
merged 4 commits into from
Mar 5, 2021

@dtarditi dtarditi commented Mar 5, 2021

When injecting a DLL into a process, it is possible that the process memory has been corrupted. The values in the import table for the process could be incorrect, which could cause an integer overflow when calculating the size of the new import table. Add code to protect against this to UPDATE_IMPORTS_XX.

When injecting a DLL into a process, it is possible that the process
memory has been corrupted.  The values in the import table for the process
could be incorrect, which could cause an integer overflow when
calculating the size of the new import table.  Add code to protect against
this to UPDATE_IMPORTS_XX.

In UPDATE_IMPORTS_XX in uimports.cpp,
@dtarditi dtarditi requested a review from bgianfo March 5, 2021 05:04
@bgianfo bgianfo added the bug Something isn't working label Mar 5, 2021
@bgianfo bgianfo left a comment

Looks good to me! :shipit:

@dtarditi dtarditi merged commit 108ceef into master Mar 5, 2021
AraHaan commented Mar 5, 2021

Oh my, so this has been a thing for years?

@bgianfo bgianfo deleted the fix-overflow branch March 5, 2021 06:38
number201724 pushed a commit to number201724/Detours that referenced this pull request Mar 5, 2021
When injecting a DLL into a process, it is possible that the process memory has been corrupted.  The values in the import table for the process could be incorrect, which could cause an integer overflow when calculating the size of the new import table.  Add code to protect against this to UPDATE_IMPORTS_XX.
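
The overflow class this pull request describes, as an added example that is not Detours code: a 32-bit size built from a directory size read out of the target process wraps to a small value unless every step is checked. The function names, the 32-bit width, the 20-byte descriptor constant and the sample values are assumptions constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Assumption: a PE import descriptor is five 32-bit fields (20 bytes).
constexpr uint32_t kDescriptorBytes = 20;

// Unchecked form: every step is 32-bit unsigned arithmetic, so it wraps silently.
uint32_t new_table_size_unchecked(uint32_t old_dir_bytes, uint32_t new_dlls,
                                  uint32_t string_bytes) {
    return old_dir_bytes + new_dlls * kDescriptorBytes + string_bytes;
}

// Checked helpers: report failure instead of wrapping.
bool checked_mul(uint32_t a, uint32_t b, uint32_t *out) {
    if (a != 0 && b > std::numeric_limits<uint32_t>::max() / a) return false;
    *out = a * b;
    return true;
}

bool checked_add(uint32_t a, uint32_t b, uint32_t *out) {
    if (b > std::numeric_limits<uint32_t>::max() - a) return false;
    *out = a + b;
    return true;
}

// Checked form: fails when a value read from the target process makes the
// total unrepresentable, so the caller can abort before allocating.
bool new_table_size_checked(uint32_t old_dir_bytes, uint32_t new_dlls,
                            uint32_t string_bytes, uint32_t *total) {
    uint32_t added = 0, sum = 0;
    if (!checked_mul(new_dlls, kDescriptorBytes, &added)) return false;
    if (!checked_add(old_dir_bytes, added, &sum)) return false;
    return checked_add(sum, string_bytes, total);
}

int main() {
    const uint32_t corrupted = 0xFFFFFFF0u;  // constructed corrupted directory size
    uint32_t total = 0;
    std::printf("unchecked: %u bytes\n",
                static_cast<unsigned>(new_table_size_unchecked(corrupted, 2, 64)));
    std::printf("checked succeeded: %d\n",
                new_table_size_checked(corrupted, 2, 64, &total) ? 1 : 0);
    return 0;
}
```

With the corrupted size the unchecked sum wraps to 88 bytes, which would under-allocate the new table, while the checked form refuses the input.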