Beware overlap when rebuildImports

jreiser · jreiser · commit 14992260c60b · 2020-09-20T14:10:24.000-07:00
Based on a hint from a little bird.
	modified:   pefile.cpp
diff --git a/src/pefile.cpp b/src/pefile.cpp
@@ -76,6 +76,7 @@ static void xcheck(size_t poff, size_t plen, const void *b, size_t blen)
 #define omemset(a,b,c)      OCHECK(a,c), memset(a,b,c)
 #define imemcpy(a,b,c)      ICHECK(a,c), memcpy(a,b,c)
 #define omemcpy(a,b,c)      OCHECK(a,c), memcpy(a,b,c)
+#define omemmove(a,b,c)     OCHECK(a,c), memmove(a,b,c)
 
 
 /*************************************************************************
@@ -2814,16 +2815,14 @@ void PeFile::rebuildImports(upx_byte *& extrainfo,
         if (inamespos)
         {
             // now I rebuild the dll names
-            OCHECK(dllnames, dlen + 1);
-            strcpy(dllnames, dname);
+            omemcpy(dllnames, dname, dlen + 1);
             im->dllname = ptr_diff(dllnames,Obuf);
             //;;;printf("\ndll: %s:",dllnames);
             dllnames += dlen + 1;
         }
         else
         {
-            OCHECK(Obuf + im->dllname, dlen + 1);
-            strcpy(Obuf + im->dllname, dname);
+            omemcpy(Obuf + im->dllname, dname, dlen + 1);
         }
         im->iat = iatoffs;
         if (set_oft)
@@ -2847,8 +2846,8 @@ void PeFile::rebuildImports(upx_byte *& extrainfo,
                 }
                 else
                 {
-                    OCHECK(Obuf + (*newiat + 2), ilen + 1);
-                    strcpy(Obuf + (*newiat + 2), p);
+                    // Beware overlap!
+                    omemmove(Obuf + (*newiat + 2), p, ilen + 1);
                 }
                 p += ilen;
             }

Original file line number	Diff line number	Diff line change
`@@ -76,6 +76,7 @@ static void xcheck(size_t poff, size_t plen, const void *b, size_t blen)`
`76`	`76`	`#define omemset(a,b,c) OCHECK(a,c), memset(a,b,c)`
`77`	`77`	`#define imemcpy(a,b,c) ICHECK(a,c), memcpy(a,b,c)`
`78`	`78`	`#define omemcpy(a,b,c) OCHECK(a,c), memcpy(a,b,c)`
	`79`	`+#define omemmove(a,b,c) OCHECK(a,c), memmove(a,b,c)`
`79`	`80`
`80`	`81`
`81`	`82`	`/*************************************************************************`
`@@ -2814,16 +2815,14 @@ void PeFile::rebuildImports(upx_byte *& extrainfo,`
`2814`	`2815`	`if (inamespos)`
`2815`	`2816`	`{`
`2816`	`2817`	`// now I rebuild the dll names`
`2817`		`- OCHECK(dllnames, dlen + 1);`
`2818`		`- strcpy(dllnames, dname);`
	`2818`	`+ omemcpy(dllnames, dname, dlen + 1);`
`2819`	`2819`	`im->dllname = ptr_diff(dllnames,Obuf);`
`2820`	`2820`	`//;;;printf("\ndll: %s:",dllnames);`
`2821`	`2821`	`dllnames += dlen + 1;`
`2822`	`2822`	`}`
`2823`	`2823`	`else`
`2824`	`2824`	`{`
`2825`		`- OCHECK(Obuf + im->dllname, dlen + 1);`
`2826`		`- strcpy(Obuf + im->dllname, dname);`
	`2825`	`+ omemcpy(Obuf + im->dllname, dname, dlen + 1);`
`2827`	`2826`	`}`
`2828`	`2827`	`im->iat = iatoffs;`
`2829`	`2828`	`if (set_oft)`
`@@ -2847,8 +2846,8 @@ void PeFile::rebuildImports(upx_byte *& extrainfo,`
`2847`	`2846`	`}`
`2848`	`2847`	`else`
`2849`	`2848`	`{`
`2850`		`- OCHECK(Obuf + (*newiat + 2), ilen + 1);`
`2851`		`- strcpy(Obuf + (*newiat + 2), p);`
	`2849`	`+ // Beware overlap!`
	`2850`	`+ omemmove(Obuf + (*newiat + 2), p, ilen + 1);`
`2852`	`2851`	`}`
`2853`	`2852`	`p += ilen;`
`2854`	`2853`	`}`