From 363621d0a00e89af5e3a68f34242999f04355042 Mon Sep 17 00:00:00 2001
From: Mattiwatti
Date: Mon, 6 May 2019 19:14:57 +0200
Subject: Fix two dumb mistakes that were cancelling each other out

PE section names must be null terminated because they are not guaranteed to be. However they must be null terminated at 8 characters, not at the length of the string that happens to be relevant for whatever reason. This would have led to false positives when finding sections, were it not for the off-by-one error that was keeping an additional character in the buffer
---
 EfiGuardDxe/PatchNtoskrnl.c | 2 +-
 EfiGuardDxe/PatchWinload.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'EfiGuardDxe')

diff --git a/EfiGuardDxe/PatchNtoskrnl.c b/EfiGuardDxe/PatchNtoskrnl.c
index bcdb8cc..c11d460 100644
--- a/EfiGuardDxe/PatchNtoskrnl.c
+++ b/EfiGuardDxe/PatchNtoskrnl.c
@@ -612,7 +612,7 @@ PatchNtoskrnl(
 {
 CHAR8 SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME + 1];
 CopyMem(SectionName, Section->Name, EFI_IMAGE_SIZEOF_SHORT_NAME);
-SectionName[MAX(sizeof("PAGE"), sizeof("INIT"))] = '\0'; // Null terminate so we don't match lookalikes like INITDATA and PAGEVRFY
+SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME] = '\0';
 if (AsciiStrCmp(SectionName, "INIT") == 0)
 InitSection = Section;
diff --git a/EfiGuardDxe/PatchWinload.c b/EfiGuardDxe/PatchWinload.c
index 1a37de4..2182fb9 100644
--- a/EfiGuardDxe/PatchWinload.c
+++ b/EfiGuardDxe/PatchWinload.c
@@ -581,7 +581,7 @@ PatchWinload(
 {
 CHAR8 SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME + 1];
 CopyMem(SectionName, Section->Name, EFI_IMAGE_SIZEOF_SHORT_NAME);
-SectionName[MAX(sizeof(".text"), sizeof(".rdata"))] = '\0';
+SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME] = '\0';
 if (AsciiStrCmp(SectionName, ".text") == 0)
 CodeSection = Section;
--
cgit v1.2.3
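Review bot: The new terminator line in PatchNtoskrnl drops the only comment that explained why the local copy exists at all, and the new index is not self-explanatory to someone who does not know that IMAGE_SECTION_HEADER.Name is an 8-byte field with no guaranteed NUL. I would keep the rationale on the replacement line: `SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME] = '\0'; // Name is 8 bytes and not NUL-terminated when all 8 are used; terminate at 8 so AsciiStrCmp is bounded and INITDATA/PAGEVRFY cannot match INIT/PAGE`. The index itself is correct: the buffer is EFI_IMAGE_SIZEOF_SHORT_NAME + 1 bytes, so writing the terminator at index EFI_IMAGE_SIZEOF_SHORT_NAME stays in bounds and guarantees termination for any name, including full 8-character ones that the old index would have truncated. How Section is advanced and whether it is bounded by the section count is outside this hunk, and the enclosing loop and PatchNtoskrnl both start before and continue after it.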
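Review bot: The PatchWinload hunk receives the same fix but, unlike the ntoskrnl site, has never had a comment saying why the 8-byte name is copied and force-terminated before AsciiStrCmp, which is exactly the kind of line a later cleanup tends to "simplify" back into a direct compare on Section->Name. I would annotate it: `SectionName[EFI_IMAGE_SIZEOF_SHORT_NAME] = '\0'; // Section->Name is not NUL-terminated when all 8 bytes are used; bound the compare`. The two sites are now byte-for-byte the same three lines, so a small shared helper that takes the section header and returns whether its name equals a given string would remove the duplication and keep the two patch paths from drifting again, but that is optional. The enclosing loop and PatchWinload start before the hunk and continue after it.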