mirror of
https://github.com/tnodir/fort
synced 2024-11-15 10:45:10 +00:00
Driver: fortmm: Simplify IsPEHeaderValid()
This commit is contained in:
parent
d086a9b8b0
commit
7e29bd622b
@ -293,25 +293,18 @@ static BOOL CheckPEHeaderSections(const PIMAGE_NT_HEADERS pNtHeaders)
|
|||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
|
inline static BOOL CheckPEHeaderOptionalValid(const PIMAGE_NT_HEADERS pNtHeaders, DWORD dwSize)
|
||||||
{
|
{
|
||||||
const PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER) lpData;
|
/* Check NT header for valid signature */
|
||||||
|
if (pNtHeaders->Signature != IMAGE_NT_SIGNATURE)
|
||||||
if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE /* Check DOS header for valid signature */
|
|
||||||
/* Make sure size is at least size of headers */
|
|
||||||
|| dwSize < (sizeof(IMAGE_DOS_HEADER) + sizeof(IMAGE_OPTIONAL_HEADER))
|
|
||||||
|| dwSize < (pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS)))
|
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
/* Check for optional headers */
|
|
||||||
const PIMAGE_NT_HEADERS pNtHeaders =
|
|
||||||
(PIMAGE_NT_HEADERS) & ((PUCHAR) lpData)[pDosHeader->e_lfanew];
|
|
||||||
|
|
||||||
if (pNtHeaders->Signature != IMAGE_NT_SIGNATURE /* Check NT header for valid signature */
|
|
||||||
/* Check size of optional headerss */
|
/* Check size of optional headerss */
|
||||||
|| dwSize < pNtHeaders->OptionalHeader.SizeOfHeaders
|
if (dwSize < pNtHeaders->OptionalHeader.SizeOfHeaders)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
/* Check for the correct architecture */
|
/* Check for the correct architecture */
|
||||||
|| pNtHeaders->FileHeader.Machine !=
|
if (pNtHeaders->FileHeader.Machine !=
|
||||||
#if defined(_M_ARM64)
|
#if defined(_M_ARM64)
|
||||||
IMAGE_FILE_MACHINE_ARM64
|
IMAGE_FILE_MACHINE_ARM64
|
||||||
#elif defined(_WIN64)
|
#elif defined(_WIN64)
|
||||||
@ -319,9 +312,11 @@ static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
|
|||||||
#else
|
#else
|
||||||
IMAGE_FILE_MACHINE_I386
|
IMAGE_FILE_MACHINE_I386
|
||||||
#endif
|
#endif
|
||||||
|
)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
/* Check to see if the image is really an executable file */
|
/* Check to see if the image is really an executable file */
|
||||||
|| (pNtHeaders->FileHeader.Characteristics
|
if ((pNtHeaders->FileHeader.Characteristics & (IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_DLL))
|
||||||
& (IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_DLL))
|
|
||||||
== 0)
|
== 0)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
@ -329,6 +324,28 @@ static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
|
|||||||
return CheckPEHeaderSections(pNtHeaders);
|
return CheckPEHeaderSections(pNtHeaders);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static BOOL IsPEHeaderValid(PVOID lpData, DWORD dwSize)
|
||||||
|
{
|
||||||
|
const PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER) lpData;
|
||||||
|
|
||||||
|
/* Check DOS header for valid signature */
|
||||||
|
if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
/* Make sure size is at least size of headers */
|
||||||
|
if (dwSize < (sizeof(IMAGE_DOS_HEADER) + sizeof(IMAGE_OPTIONAL_HEADER)))
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
if (dwSize < (pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS)))
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
/* Check for optional headers */
|
||||||
|
const PIMAGE_NT_HEADERS pNtHeaders =
|
||||||
|
(PIMAGE_NT_HEADERS) & ((PUCHAR) lpData)[pDosHeader->e_lfanew];
|
||||||
|
|
||||||
|
return CheckPEHeaderOptionalValid(pNtHeaders, dwSize);
|
||||||
|
}
|
||||||
|
|
||||||
static NTSTATUS InitializeModuleImage(PLOADEDMODULE pModule, const PIMAGE_NT_HEADERS lpNtHeaders,
|
static NTSTATUS InitializeModuleImage(PLOADEDMODULE pModule, const PIMAGE_NT_HEADERS lpNtHeaders,
|
||||||
const PUCHAR lpData, DWORD dwSize, DWORD imageSize)
|
const PUCHAR lpData, DWORD dwSize, DWORD imageSize)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user