Skip to content

Commit

Permalink
Improve CreateFile flags parsing
Browse files Browse the repository at this point in the history
  • Loading branch information
@W0ni
W0ni committed Jan 16, 2024
1 parent ec29f74 commit 78a73ca
Showing 1 changed file with 9 additions and 6 deletions.
15 changes: 9 additions & 6 deletions miasm/os_dep/win_api_x86_32.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -623,10 +623,10 @@ def kernel32_CreateFile(jitter, funcname, get_str):
elif fname.upper() in ['NUL']:
ret = winobjs.module_cur_hwnd
else:
# sandox path
# sandbox path
sb_fname = windows_to_sbpath(fname)
if args.access & 0x80000000 or args.access == 1:
# read
# read and maybe write
if args.dwcreationdisposition == 2:
# create_always
if os.access(sb_fname, os.R_OK):
Expand All @@ -642,7 +642,10 @@ def kernel32_CreateFile(jitter, funcname, get_str):
if stat.S_ISDIR(s.st_mode):
ret = winobjs.handle_pool.add(sb_fname, 0x1337)
else:
h = open(sb_fname, 'r+b')
open_mode = 'rb'
if (args.access & 0x40000000) or args.access == 2:
open_mode = 'r+b'
h = open(sb_fname, open_mode)
ret = winobjs.handle_pool.add(sb_fname, h)
else:
log.warning("FILE %r (%s) DOES NOT EXIST!", fname, sb_fname)
Expand Down Expand Up @@ -671,8 +674,8 @@ def kernel32_CreateFile(jitter, funcname, get_str):
raise NotImplementedError("Untested case")
else:
raise NotImplementedError("Untested case")
elif args.access & 0x40000000:
# write
elif (args.access & 0x40000000) or args.access == 2:
# write but not read
if args.dwcreationdisposition == 3:
# open existing
if is_original_file:
Expand All @@ -684,7 +687,7 @@ def kernel32_CreateFile(jitter, funcname, get_str):
# open dir
ret = winobjs.handle_pool.add(sb_fname, 0x1337)
else:
h = open(sb_fname, 'r+b')
h = open(sb_fname, 'wb')
ret = winobjs.handle_pool.add(sb_fname, h)
else:
raise NotImplementedError("Untested case") # to test
Expand Down

0 comments on commit 78a73ca

Please sign in to comment.