Driver: fortmm: Simplify IsPEHeaderValid()

This commit is contained in:
Nodir Temirkhodjaev 2023-05-09 17:10:33 +03:00
parent d086a9b8b0
commit 7e29bd622b

View File

@ -293,25 +293,18 @@ static BOOL CheckPEHeaderSections(const PIMAGE_NT_HEADERS pNtHeaders)
return TRUE; return TRUE;
} }
static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize) inline static BOOL CheckPEHeaderOptionalValid(const PIMAGE_NT_HEADERS pNtHeaders, DWORD dwSize)
{ {
const PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER) lpData; /* Check NT header for valid signature */
if (pNtHeaders->Signature != IMAGE_NT_SIGNATURE)
if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE /* Check DOS header for valid signature */
/* Make sure size is at least size of headers */
|| dwSize < (sizeof(IMAGE_DOS_HEADER) + sizeof(IMAGE_OPTIONAL_HEADER))
|| dwSize < (pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS)))
return FALSE; return FALSE;
/* Check for optional headers */
const PIMAGE_NT_HEADERS pNtHeaders =
(PIMAGE_NT_HEADERS) & ((PUCHAR) lpData)[pDosHeader->e_lfanew];
if (pNtHeaders->Signature != IMAGE_NT_SIGNATURE /* Check NT header for valid signature */
/* Check size of optional headerss */ /* Check size of optional headerss */
|| dwSize < pNtHeaders->OptionalHeader.SizeOfHeaders if (dwSize < pNtHeaders->OptionalHeader.SizeOfHeaders)
return FALSE;
/* Check for the correct architecture */ /* Check for the correct architecture */
|| pNtHeaders->FileHeader.Machine != if (pNtHeaders->FileHeader.Machine !=
#if defined(_M_ARM64) #if defined(_M_ARM64)
IMAGE_FILE_MACHINE_ARM64 IMAGE_FILE_MACHINE_ARM64
#elif defined(_WIN64) #elif defined(_WIN64)
@ -319,9 +312,11 @@ static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
#else #else
IMAGE_FILE_MACHINE_I386 IMAGE_FILE_MACHINE_I386
#endif #endif
)
return FALSE;
/* Check to see if the image is really an executable file */ /* Check to see if the image is really an executable file */
|| (pNtHeaders->FileHeader.Characteristics if ((pNtHeaders->FileHeader.Characteristics & (IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_DLL))
& (IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_DLL))
== 0) == 0)
return FALSE; return FALSE;
@ -329,6 +324,28 @@ static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
return CheckPEHeaderSections(pNtHeaders); return CheckPEHeaderSections(pNtHeaders);
} }
static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
{
const PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER) lpData;
/* Check DOS header for valid signature */
if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
return FALSE;
/* Make sure size is at least size of headers */
if (dwSize < (sizeof(IMAGE_DOS_HEADER) + sizeof(IMAGE_OPTIONAL_HEADER)))
return FALSE;
if (dwSize < (pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS)))
return FALSE;
/* Check for optional headers */
const PIMAGE_NT_HEADERS pNtHeaders =
(PIMAGE_NT_HEADERS) & ((PUCHAR) lpData)[pDosHeader->e_lfanew];
return CheckPEHeaderOptionalValid(pNtHeaders, dwSize);
}
static NTSTATUS InitializeModuleImage(PLOADEDMODULE pModule, const PIMAGE_NT_HEADERS lpNtHeaders, static NTSTATUS InitializeModuleImage(PLOADEDMODULE pModule, const PIMAGE_NT_HEADERS lpNtHeaders,
const PUCHAR lpData, DWORD dwSize, DWORD imageSize) const PUCHAR lpData, DWORD dwSize, DWORD imageSize)
{ {