Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate PDB magic and ImageDebugDirectory type and version #279

merged 1 commit into from Jul 13, 2016


Copy link

AustinWise commented Jul 13, 2016

Presently PdbReader does not validate that it is actually opening a traditional PDB. If a portable PDB is opened, the Portable PDB file is blindly assumed to be a regular PDB and parsing eventually fails when a huge array is attempted to be allocated:

System.OutOfMemoryException: Array dimensions exceeded supported range.
   at Microsoft.Cci.Pdb.MsfDirectory..ctor(PdbReader reader, PdbFileHeader head, BitAccess bits)
   at Microsoft.Cci.Pdb.PdbFile.LoadFunctions(Stream read, Dictionary`2& tokenToSourceMapping, String& sourceServerData, Int32& age, Guid& guid)
   at Mono.Cecil.Pdb.PdbReader.PopulateFunctions()
   at Mono.Cecil.Pdb.PdbReader.ProcessDebugHeader(ImageDebugDirectory directory, Byte[] header)
   at Mono.Cecil.ModuleDefinition.ProcessDebugHeader()
   at ICSharpCode.ILSpy.LoadedAssembly.LoadSymbols(ModuleDefinition module)

This pull request validates both the ImageDebugDirectory in the PE file and the magic at the beginning of a PDB file. This change is motivated by icsharpcode/ILSpy#723, which expects InvalidOperationException when the file is invalid, not OutOfMemoryException.

@jbevain jbevain merged commit 7efc4a6 into jbevain:master Jul 13, 2016
2 checks passed
2 checks passed
continuous-integration/appveyor/pr AppVeyor build succeeded
continuous-integration/travis-ci/pr The Travis CI build passed
Copy link

jbevain commented Jul 13, 2016

Thanks Austin!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.