Fix crash in detectPlatform: handle negative e_lfanew offset
Build & Deploy / build-and-deploy (push) Successful in 53s
Build & Deploy / build-and-deploy (push) Successful in 53s
For pure DOS executables, the e_lfanew field at MZ header offset 0x3C is uninitialized garbage. Duke Nukem 2's EXE had bytes that form a negative int32 (-1878619136), which was used as an array index causing ArrayIndexOutOfBoundsException. Now checks peOffset < 0 and returns 'dos' (no Windows signature found).
This commit is contained in:
@@ -468,14 +468,17 @@ public class UploadResource {
|
||||
// Must start with MZ
|
||||
if (buf[0] != 0x4D || buf[1] != 0x5A) return null;
|
||||
|
||||
// Read e_lfanew at offset 0x3C
|
||||
// Read e_lfanew at offset 0x3C (only meaningful for PE/NE — garbage for pure DOS)
|
||||
if (read < 0x40) return "dos"; // too short for PE/NE, assume DOS
|
||||
int peOffset = (buf[0x3C] & 0xFF)
|
||||
| ((buf[0x3D] & 0xFF) << 8)
|
||||
| ((buf[0x3E] & 0xFF) << 16)
|
||||
| ((buf[0x3F] & 0xFF) << 24);
|
||||
|
||||
// If signature is beyond our buffer, read it
|
||||
// e_lfanew is garbage for pure DOS executables — may be negative or absurd
|
||||
if (peOffset < 0) return "dos";
|
||||
|
||||
// If signature is beyond our buffer, read it from the file
|
||||
byte sig1, sig2;
|
||||
if (peOffset + 2 <= read) {
|
||||
sig1 = buf[peOffset];
|
||||
|
||||
Reference in New Issue
Block a user