[overlay] Added the number of bytes and their offset to the informati…

…on returned by the plugin. Updated the RICH IDs with the latest Visual Studio update.
JusticeRage · Oct 19, 2018 · c0f3ccc · c0f3ccc
1 parent 3ae91b4
commit c0f3ccc
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/manape/nt_values.cpp b/manape/nt_values.cpp
@@ -662,7 +662,7 @@ const flag_dict COMP_ID_PRODID =
                                 ("VS2017 v15.8.2 compiler 26727",              0x6867)
                                 ("VS2017 v15.8.3 compiler 26728",              0x6868)
                                 ("VS2017 v15.8.4 compiler 26729",              0x6869)
-                                ("VS2017 v15.8.5-6 compiler 26730",            0x686A)
+                                ("VS2017 v15.8.5-7 compiler 26730",            0x686A)
     ;
 
 // ----------------------------------------------------------------------------

diff --git a/plugins/plugin_overlay.cpp b/plugins/plugin_overlay.cpp
@@ -52,6 +52,9 @@ class OverlayPlugin : public IPlugin
 
         res->raise_level(SUSPICIOUS);
         res->set_summary("The file contains overlay data.");
+        std::stringstream ss;
+        ss << overlay_bytes->size() << " bytes of data starting at offset 0x" << std::hex << pe.get_filesize() - overlay_bytes->size() << ".";
+        res->add_information(ss.str());
 
         // Try to detect the file type of the overlay data.
         yara::Yara y;