[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[lintian] 01/01: Apply a patch from Stephen Kitt to avoid false-positives when checking PE32+ Windows Portable Executable files, additionally dropping the now-unnecessary magic number parsing. (Closes: #886555)



This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit 98ec9f996a6308bd72256c182338a50a6d23a8c2
Author: Chris Lamb <lamby@debian.org>
Date:   Mon Jan 8 20:34:10 2018 +0530

    Apply a patch from Stephen Kitt to avoid false-positives when checking PE32+ Windows Portable Executable files, additionally dropping the now-unnecessary magic number parsing. (Closes: #886555)
---
 checks/pe.pm                                          |   8 +-------
 debian/changelog                                      |   4 ++++
 .../pe-missing-security-features/debian/extrac32.exe  | Bin 1032 -> 0 bytes
 .../debian/gdbreplay-pe32+.exe                        | Bin 0 -> 628742 bytes
 .../debian/gdbreplay-pe32.exe                         | Bin 0 -> 592899 bytes
 .../debian/win32-loader.exe                           | Bin 1669581 -> 0 bytes
 6 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/checks/pe.pm b/checks/pe.pm
index 226e824..1165dbf 100644
--- a/checks/pe.pm
+++ b/checks/pe.pm
@@ -44,15 +44,9 @@ sub run {
             seek($fd, 0x3c, 0) or internal_error("seek: $!");
             read($fd, $buf, 4) or internal_error("read: $!");
             my $pe_offset = unpack('V', $buf);
-
             # Read magic to determine whether we are are PE32 or PE32+
-            seek($fd, $pe_offset + 24, 0) or internal_error("seek: $!");
-            read($fd, $buf, 2) or internal_error("read: $!");
-            my $magic = unpack('v', $buf);
-
+            seek($fd, $pe_offset + 26 + 64, 0) or internal_error("seek: $!");
             # Read and parse DLLCharacteristics value
-            seek($fd, (($magic == 0x20B) ? 68 : 64), 1)
-              or internal_error("seek: $!");
             read($fd, $buf, 2) or internal_error("read: $!");
         };
 
diff --git a/debian/changelog b/debian/changelog
index 5149306..aebbe34 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -29,6 +29,10 @@ lintian (2.5.68) UNRELEASED; urgency=medium
   * checks/huge-usr-share.pm:
     + [CL] Bump arch-dep-package-has-big-usr-share thresholds; they were
       last set in 2004.  (Closes: #648755)
+  * checks/pe.pm:
+    + [CL] Apply a patch from Stephen Kitt to avoid false-positives when
+      checking PE32+ Windows Portable Executable files, additionally
+      dropping the now-unnecessary magic number parsing.  (Closes: #886555)
   * checks/python.{pm,desc}:
     + [CL] Don't warn about django-package-does-not-depend-on-django for
       -doc packages, etc.
diff --git a/t/tests/pe-missing-security-features/debian/extrac32.exe b/t/tests/pe-missing-security-features/debian/extrac32.exe
deleted file mode 100644
index a362dac..0000000
Binary files a/t/tests/pe-missing-security-features/debian/extrac32.exe and /dev/null differ
diff --git a/t/tests/pe-missing-security-features/debian/gdbreplay-pe32+.exe b/t/tests/pe-missing-security-features/debian/gdbreplay-pe32+.exe
new file mode 100644
index 0000000..d1ebbdc
Binary files /dev/null and b/t/tests/pe-missing-security-features/debian/gdbreplay-pe32+.exe differ
diff --git a/t/tests/pe-missing-security-features/debian/gdbreplay-pe32.exe b/t/tests/pe-missing-security-features/debian/gdbreplay-pe32.exe
new file mode 100644
index 0000000..0f50468
Binary files /dev/null and b/t/tests/pe-missing-security-features/debian/gdbreplay-pe32.exe differ
diff --git a/t/tests/pe-missing-security-features/debian/win32-loader.exe b/t/tests/pe-missing-security-features/debian/win32-loader.exe
deleted file mode 100644
index ee8a100..0000000
Binary files a/t/tests/pe-missing-security-features/debian/win32-loader.exe and /dev/null differ

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git


Reply to: