KindDragon / vld

Visual Leak Detector for Visual C++ 2008-2015
https://kinddragon.github.io/vld/
GNU Lesser General Public License v2.1
1.02k stars 314 forks

Memory access violation #37

Closed serge-sb closed 1 year ago

serge-sb commented 6 years ago

Dear VLD developers,

It seems I've found a rare bug. I'm not able to do pull requests, so please review my proposal and add it if you find it OK.

The bug is in utility.cpp in the PatchImport function (line 489). After calling ImageDirectoryEntryToDataEx, the idte variable is compared to NULL (line 508). But this is not actually enough. In case idte is not null, idte->OriginalFirstThunk must also be compared to zero. If it is 0, then PatchImport must return immediately.

So, the line: if (idte == NULL) { should be replaced with: if ((idte == NULL) || (idte->OriginalFirstThunk == 0)) {

If this is not done, then later in this function IMAGE_THUNK_DATA *thunk points to - I think - corrupted or wrong data, which in turn leads to a memory access violation in FindRealCode((LPVOID)thunk->u1.Function).

KR Serge
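The guard described above, as an added example that is not VLD's own code: a defensive walk of one import descriptor's lookup table that returns before touching any thunk when the descriptor is NULL or has no OriginalFirstThunk, and also bounds-checks the RVA against the image. The struct layouts are trimmed copies of the winnt.h ones so the file builds without Windows headers, and the image buffer is constructed, not a real PE.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal stand-ins for the winnt.h types (32-bit thunks, assumption). */
typedef struct {
    uint32_t OriginalFirstThunk;  /* RVA of the import lookup table, 0 if absent */
    uint32_t TimeDateStamp;
    uint32_t ForwarderChain;
    uint32_t Name;
    uint32_t FirstThunk;          /* RVA of the import address table */
} IMAGE_IMPORT_DESCRIPTOR;

typedef struct { uint32_t Function; } IMAGE_THUNK_DATA32; /* u1.Function simplified */

/* Count the entries in a descriptor's lookup table without dereferencing
 * anything when the descriptor is NULL or carries no lookup table (the
 * OriginalFirstThunk == 0 case from the issue), or when the RVA lies
 * outside the mapped image. */
size_t count_imports(const uint8_t *image, size_t image_size,
                     const IMAGE_IMPORT_DESCRIPTOR *idte)
{
    if (idte == NULL || idte->OriginalFirstThunk == 0)
        return 0;                                  /* the proposed guard */
    if (idte->OriginalFirstThunk > image_size - sizeof(IMAGE_THUNK_DATA32))
        return 0;                                  /* RVA not inside the image */

    const IMAGE_THUNK_DATA32 *thunk =
        (const IMAGE_THUNK_DATA32 *)(image + idte->OriginalFirstThunk);
    const uint8_t *end = image + image_size;
    size_t n = 0;
    /* The table is zero-terminated; stop early if it runs off the image. */
    while ((const uint8_t *)(thunk + 1) <= end && thunk->Function != 0) {
        n++;
        thunk++;
    }
    return n;
}

/* Constructed "image": a lookup table of three entries at byte offset 4,
 * backed by a uint32_t array so the thunk pointer stays aligned. */
static const uint32_t g_image[] = { 0, 0x1000, 0x1004, 0x1008, 0 };

size_t example_with_lookup_table(void)
{
    IMAGE_IMPORT_DESCRIPTOR d = { 4, 0, 0, 0, 0x40 };
    return count_imports((const uint8_t *)g_image, sizeof g_image, &d); /* 3 */
}

size_t example_without_lookup_table(void)
{
    IMAGE_IMPORT_DESCRIPTOR d = { 0, 0, 0, 0, 0x40 }; /* only an IAT, no ILT */
    return count_imports((const uint8_t *)g_image, sizeof g_image, &d); /* 0 */
}
```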

serge-sb commented 6 years ago

Pull request: 9c5e2fd394173c660487a8fbd56339d1e2a75178