Author: aandrejevic Date: Fri May 2 14:38:36 2014 New Revision: 63105 URL: http://svn.reactos.org/svn/reactos?rev=63105&view=rev Log: [NTOSKRNL] If we cannot read the file at offset e_lfanew, it means that the value of e_lfanew is invalid. Modified: branches/ntvdm/ntoskrnl/mm/section.c Modified: branches/ntvdm/ntoskrnl/mm/section.c URL: http://svn.reactos.org/svn/reactos/branches/ntvdm/ntoskrnl/mm/section.c?rev… ============================================================================== --- branches/ntvdm/ntoskrnl/mm/section.c [iso-8859-1] (original) +++ branches/ntvdm/ntoskrnl/mm/section.c [iso-8859-1] Fri May 2 14:38:36 2014 @@ -284,7 +284,14 @@ nStatus = ReadFileCb(File, &lnOffset, sizeof(IMAGE_NT_HEADERS64), &pData, &pBuffer, &cbReadSize); if(!NT_SUCCESS(nStatus)) - DIE(("ReadFile failed, status %08X\n", nStatus)); + { + NTSTATUS ReturnedStatus = nStatus; + + /* If it attempted to read past the end of the file, it means e_lfanew is invalid */ + if (ReturnedStatus == STATUS_END_OF_FILE) nStatus = STATUS_INVALID_IMAGE_FORMAT; + + DIE(("ReadFile failed, status %08X\n", ReturnedStatus)); + } ASSERT(pData); ASSERT(pBuffer);