[aandrejevic] 63105: [NTOSKRNL] If we cannot read the file at offset e_lfanew, it means that the value of e_lfanew is invalid. - Ros-diffs

2 May 2014

Author: aandrejevic
Date: Fri May  2 14:38:36 2014
New Revision: 63105
URL: http://svn.reactos.org/svn/reactos?rev=63105&view=rev
Log:
[NTOSKRNL]
If we cannot read the file at offset e_lfanew, it means that the value of e_lfanew is invalid.
Modified:
    branches/ntvdm/ntoskrnl/mm/section.c
Modified: branches/ntvdm/ntoskrnl/mm/section.c
URL: http://svn.reactos.org/svn/reactos/branches/ntvdm/ntoskrnl/mm/section.c?rev=...
==============================================================================

--- branches/ntvdm/ntoskrnl/mm/section.c	[iso-8859-1] (original)
+++ branches/ntvdm/ntoskrnl/mm/section.c	[iso-8859-1] Fri May  2 14:38:36 2014
@@ -284,7 +284,14 @@
         nStatus = ReadFileCb(File, &lnOffset, sizeof(IMAGE_NT_HEADERS64), &pData, &pBuffer, &cbReadSize);
if(!NT_SUCCESS(nStatus))
-            DIE(("ReadFile failed, status %08X\n", nStatus));
+        {
+            NTSTATUS ReturnedStatus = nStatus;
+
+            /* If it attempted to read past the end of the file, it means e_lfanew is invalid */
+            if (ReturnedStatus == STATUS_END_OF_FILE) nStatus = STATUS_INVALID_IMAGE_FORMAT;
+
+            DIE(("ReadFile failed, status %08X\n", ReturnedStatus));
+        }
ASSERT(pData);
         ASSERT(pBuffer);

    