Skip to content

Commit 2d255fe

Browse files
sha0codersha0coder
committed
on 64bits the ldr entry image_size is really a dword, but aligned so offets already matched
1 parent e243f6a commit 2d255fe

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

crates/libmwemu/src/peb/peb64.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -480,7 +480,7 @@ pub fn create_ldr_entry(
480480
let mut image_sz = 0;
481481
if base > 0 {
482482
let pe_hdr = emu.maps.read_dword(base + 0x3c).unwrap() as u64;
483-
image_sz = emu.maps.read_qword(base + pe_hdr + 0x50).unwrap() as u64;
483+
image_sz = emu.maps.read_dword(base + pe_hdr + 0x50).unwrap();
484484
base_addr = base;
485485
} else {
486486
base_addr = space_addr

crates/libmwemu/src/structures/ldr_data_table_entry64.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ pub struct LdrDataTableEntry64 {
1010
pub in_initialization_order_links: ListEntry64,
1111
pub dll_base: u64,
1212
pub entry_point: u64,
13-
pub size_of_image: u64,
13+
pub size_of_image: u32,
1414
pub full_dll_name: UnicodeString64,
1515
pub base_dll_name: UnicodeString64,
1616
pub flags: u32,
@@ -56,7 +56,7 @@ impl LdrDataTableEntry64 {
5656
in_initialization_order_links: ListEntry64::load(addr + 0x20, maps),
5757
dll_base: maps.read_qword(addr + 0x30).unwrap(),
5858
entry_point: maps.read_qword(addr + 0x38).unwrap(),
59-
size_of_image: maps.read_qword(addr + 0x40).unwrap(),
59+
size_of_image: maps.read_dword(addr + 0x40).unwrap(), // dword aligned to qword
6060
full_dll_name: UnicodeString64::load(addr + 0x48, maps),
6161
base_dll_name: UnicodeString64::load(addr + 0x58, maps),
6262
flags: maps.read_dword(addr + 0x68).unwrap(), // cc 22 00 00 c4 a2 00 00 cc a2 c0 00
@@ -73,7 +73,7 @@ impl LdrDataTableEntry64 {
7373
self.in_initialization_order_links.save(addr + 0x20, maps);
7474
maps.write_qword(addr + 0x30, self.dll_base);
7575
maps.write_qword(addr + 0x38, self.entry_point);
76-
maps.write_qword(addr + 0x40, self.size_of_image);
76+
maps.write_dword(addr + 0x40, self.size_of_image);
7777
self.full_dll_name.save(addr + 0x48, maps);
7878
self.base_dll_name.save(addr + 0x58, maps);
7979
maps.write_dword(addr + 0x68, self.flags);

0 commit comments

Comments
 (0)