Fix crash in detectPlatform: handle negative e_lfanew offset
Build & Deploy / build-and-deploy (push) Successful in 53s

For pure DOS executables, the e_lfanew field at MZ header offset 0x3C
is uninitialized garbage. Duke Nukem 2's EXE had bytes that form a
negative int32 (-1878619136), which was used as an array index causing
ArrayIndexOutOfBoundsException.

Now checks peOffset < 0 and returns 'dos' (no Windows signature found).
This commit is contained in:
Hermes Agent
2026-05-28 15:53:51 +02:00
parent 41d1e22522
commit a4b633ae86
@@ -468,14 +468,17 @@ public class UploadResource {
// Must start with MZ
if (buf[0] != 0x4D || buf[1] != 0x5A) return null;
// Read e_lfanew at offset 0x3C
// Read e_lfanew at offset 0x3C (only meaningful for PE/NE — garbage for pure DOS)
if (read < 0x40) return "dos"; // too short for PE/NE, assume DOS
int peOffset = (buf[0x3C] & 0xFF)
| ((buf[0x3D] & 0xFF) << 8)
| ((buf[0x3E] & 0xFF) << 16)
| ((buf[0x3F] & 0xFF) << 24);
// If signature is beyond our buffer, read it
// e_lfanew is garbage for pure DOS executables — may be negative or absurd
if (peOffset < 0) return "dos";
// If signature is beyond our buffer, read it from the file
byte sig1, sig2;
if (peOffset + 2 <= read) {
sig1 = buf[peOffset];