From 7c0c0ec5941929dcd9438f410e413f008df42c51 Mon Sep 17 00:00:00 2001 From: Katja Hahn Date: Wed, 5 Jul 2017 12:38:54 +0200 Subject: [PATCH] Fix for parsing non-existant ExportOrdinalTable like in Petna sample --- src/main/java/com/github/katjahahn/parser/PELoader.java | 9 ++++++--- .../parser/sections/edata/ExportOrdinalTable.scala | 2 +- .../katjahahn/parser/sections/edata/ExportSection.scala | 8 +++----- .../java/com/github/katjahahn/tools/PortExAnalyzer.scala | 4 ++-- .../java/com/github/katjahahn/tools/ReportCreator.scala | 3 --- 5 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/main/java/com/github/katjahahn/parser/PELoader.java b/src/main/java/com/github/katjahahn/parser/PELoader.java index 71e13163..a0957e41 100644 --- a/src/main/java/com/github/katjahahn/parser/PELoader.java +++ b/src/main/java/com/github/katjahahn/parser/PELoader.java @@ -34,11 +34,13 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.testng.Reporter; import com.github.katjahahn.parser.coffheader.COFFFileHeader; import com.github.katjahahn.parser.msdos.MSDOSHeader; import com.github.katjahahn.parser.optheader.OptionalHeader; import com.github.katjahahn.parser.optheader.WindowsEntryKey; +import com.github.katjahahn.parser.sections.SectionLoader; import com.github.katjahahn.parser.sections.SectionTable; import com.github.katjahahn.tools.DiffReportCreator; import com.github.katjahahn.tools.ReportCreator; @@ -286,9 +288,10 @@ private OptionalHeader loadOptionalHeader(PESignature pesig, public static void main(String[] args) throws IOException, AWTException { logger.entry(); - File file = new File("/home/katja/samples/corruptedPortex"); - ReportCreator reporter = ReportCreator.newInstance(file); - System.out.println(reporter.resourcesReport()); + File file = new File("/home/katja/samples/petna"); + ReportCreator r = ReportCreator.newInstance(file); + System.out.println(r.exportsReport()); + // File file2 = new File("/home/katja/samples/tesla2"); // List list = new ArrayList<>(); // list.add(file); diff --git a/src/main/java/com/github/katjahahn/parser/sections/edata/ExportOrdinalTable.scala b/src/main/java/com/github/katjahahn/parser/sections/edata/ExportOrdinalTable.scala index 309441bc..41c29b6c 100644 --- a/src/main/java/com/github/katjahahn/parser/sections/edata/ExportOrdinalTable.scala +++ b/src/main/java/com/github/katjahahn/parser/sections/edata/ExportOrdinalTable.scala @@ -24,7 +24,7 @@ import com.github.katjahahn.parser.MemoryMappedPE import ExportOrdinalTable.entrySize import com.github.katjahahn.parser.FileFormatException -class ExportOrdinalTable private ( +class ExportOrdinalTable ( val ordinals: List[Int], val base: Int, val fileOffset: Long) { diff --git a/src/main/java/com/github/katjahahn/parser/sections/edata/ExportSection.scala b/src/main/java/com/github/katjahahn/parser/sections/edata/ExportSection.scala index 0e489239..5a7777fc 100644 --- a/src/main/java/com/github/katjahahn/parser/sections/edata/ExportSection.scala +++ b/src/main/java/com/github/katjahahn/parser/sections/edata/ExportSection.scala @@ -233,12 +233,10 @@ object ExportSection { val rva = edataTable(ORDINAL_TABLE_RVA) val entries = edataTable(NR_OF_NAME_POINTERS) val ordTableFileOffset = edataOffset + rva - virtualAddress - if(ordTableFileOffset <= 0) { - throw new FileFormatException("Offset for ordinal export entries invalid!"); + if(ordTableFileOffset <= 0 || entries < 0) { + // create empty ExportOrdinalTable + return new ExportOrdinalTable(List.empty[Int], base.toInt, 0L) } - if(entries < 0) { - throw new FileFormatException("Number of name pointer entries is < 0!"); - } ExportOrdinalTable(mmBytes, base.toInt, rva, entries.toInt, virtualAddress, ordTableFileOffset) } diff --git a/src/main/java/com/github/katjahahn/tools/PortExAnalyzer.scala b/src/main/java/com/github/katjahahn/tools/PortExAnalyzer.scala index 5c36da01..65bba038 100644 --- a/src/main/java/com/github/katjahahn/tools/PortExAnalyzer.scala +++ b/src/main/java/com/github/katjahahn/tools/PortExAnalyzer.scala @@ -42,9 +42,9 @@ import java.awt.Color */ object PortExAnalyzer { - private val version = """version: 0.6.6 + private val version = """version: 0.6.7 |author: Karsten Hahn - |last update: 10. Mai 2017""".stripMargin + |last update: 05. July 2017""".stripMargin private val title = """PortEx Analyzer""" + NL diff --git a/src/main/java/com/github/katjahahn/tools/ReportCreator.scala b/src/main/java/com/github/katjahahn/tools/ReportCreator.scala index afd09e0a..ede3b5a5 100644 --- a/src/main/java/com/github/katjahahn/tools/ReportCreator.scala +++ b/src/main/java/com/github/katjahahn/tools/ReportCreator.scala @@ -215,16 +215,13 @@ class ReportCreator(private val data: PEData) { val loader = new SectionLoader(data) val maybeExports = loader.maybeLoadExportSection() if (maybeExports.isPresent && !maybeExports.get.isEmpty) { - println("not empty") val edata = maybeExports.get val buf = new StringBuffer() buf.append(title("Exports") + NL) val exports = edata.getExportEntries.asScala - println("retrieving export entry") for (export <- exports) { buf.append(export + NL) } - println("exports done") buf.toString + NL } else "" }