Control: tag -1 + patch On Sun, 07 Jan 2018 17:22:45 +0100, Stephen Kitt <skitt@debian.org> wrote: > The PE security features test mis-reports 64-bit binaries as missing > features. You can reproduce this with the binaries in /usr/share/win64 > in gdb-mingw-w64-target. And the attached patch fixes this. Regards, Stephen
From 1246f8e0cc22a2f3ab7c9ea8a8cc179c138b3bca Mon Sep 17 00:00:00 2001 From: Stephen Kitt <skitt@debian.org> Date: Mon, 8 Jan 2018 09:03:31 +0100 Subject: [PATCH] Fix the DllCharacteristics offset for PE32+ DllCharacteristics is at offset 64 for PE32 and PE32+ (64-bit). In the PE optional header, DllCharacteristics is preceded by ImageBase which is a DWORD in 32-bit PEs and a QWORD in 64-bit PEs, but 64-bit PEs lose the BaseOfData DWORD which means DllCharacteristics is at the same offset in both variants. Signed-off-by: Stephen Kitt <skitt@debian.org> --- checks/pe.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/checks/pe.pm b/checks/pe.pm index 226e82420..258fd7d6a 100644 --- a/checks/pe.pm +++ b/checks/pe.pm @@ -51,7 +51,7 @@ sub run { my $magic = unpack('v', $buf); # Read and parse DLLCharacteristics value - seek($fd, (($magic == 0x20B) ? 68 : 64), 1) + seek($fd, 64, 1) or internal_error("seek: $!"); read($fd, $buf, 2) or internal_error("read: $!"); }; -- 2.11.0
Attachment:
pgpNGpYpIZB2A.pgp
Description: OpenPGP digital signature