Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

debug/pe: check for PE or PE32+ executable is not fully correct #54250

Closed
alfonsosanchezbeato opened this issue Aug 4, 2022 · 2 comments
Closed
Assignees
Labels
NeedsFix
Milestone

Comments

@alfonsosanchezbeato
Copy link

@alfonsosanchezbeato alfonsosanchezbeato commented Aug 4, 2022

What version of Go are you using (go version)?

$ go version
go version go1.18.1 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/abeato/.cache/go-build"
GOENV="/home/abeato/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/abeato/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/abeato/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go-1.18"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go-1.18/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.18.1"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3245950783=/tmp/go-build -gno-record-gcc-switches"

What did you do?

Looking at the code in https://github.com/golang/go/blob/master/src/debug/pe/file.go#L325 , the debug/pe package detects if the file is a PE or PE+ executable by looking at the machine type. However, this is not fully correct. According to the spec (https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#optional-header-image-only), the type of executable should be determined by looking at the first two bytes of the optional header, which should contain 0x10b for PE or 0x20b for PE+. Probably if the machine is 64 bits that implies PE+, but maybe that's not true in 100% of the cases.

What did you expect to see?

NA

What did you see instead?

NA

@dmitshur
Copy link
Contributor

@dmitshur dmitshur commented Aug 4, 2022

CC @alexbrainman.

@dmitshur dmitshur added the NeedsInvestigation label Aug 4, 2022
@dmitshur dmitshur added this to the Backlog milestone Aug 4, 2022
@gopherbot
Copy link

@gopherbot gopherbot commented Aug 4, 2022

Change https://go.dev/cl/421394 mentions this issue: debug/pe: use correct pe64 test in ImportedSymbols

@dmitshur dmitshur modified the milestones: Backlog, Go1.20 Aug 5, 2022
@dmitshur dmitshur added NeedsFix and removed NeedsInvestigation labels Aug 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsFix
Projects
None yet
Development

No branches or pull requests

4 participants