Control: tag -1 + patch On Sun, 07 Jan 2018 17:22:45 +0100, Stephen Kitt <skitt@debian.org> wrote: > The PE security features test mis-reports 64-bit binaries as missing > features. You can reproduce this with the binaries in /usr/share/win64 > in gdb-mingw-w64-target. And the attached patch fixes this. Regards, Stephen
From 1246f8e0cc22a2f3ab7c9ea8a8cc179c138b3bca Mon Sep 17 00:00:00 2001
From: Stephen Kitt <skitt@debian.org>
Date: Mon, 8 Jan 2018 09:03:31 +0100
Subject: [PATCH] Fix the DllCharacteristics offset for PE32+
DllCharacteristics is at offset 64 for PE32 and PE32+ (64-bit). In the
PE optional header, DllCharacteristics is preceded by ImageBase which
is a DWORD in 32-bit PEs and a QWORD in 64-bit PEs, but 64-bit PEs
lose the BaseOfData DWORD which means DllCharacteristics is at the
same offset in both variants.
Signed-off-by: Stephen Kitt <skitt@debian.org>
---
checks/pe.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/checks/pe.pm b/checks/pe.pm
index 226e82420..258fd7d6a 100644
--- a/checks/pe.pm
+++ b/checks/pe.pm
@@ -51,7 +51,7 @@ sub run {
my $magic = unpack('v', $buf);
# Read and parse DLLCharacteristics value
- seek($fd, (($magic == 0x20B) ? 68 : 64), 1)
+ seek($fd, 64, 1)
or internal_error("seek: $!");
read($fd, $buf, 2) or internal_error("read: $!");
};
--
2.11.0
Attachment:
pgpNGpYpIZB2A.pgp
Description: OpenPGP digital signature