search

getsentry / pdb

A parser for Microsoft PDB (Program Database) debugging information
https://docs.rs/pdb/
Apache License 2.0
385 stars 69 forks source link

Retain u64 size for class and union sizes #103

Closed landaire closed 2 years ago

landaire commented 3 years ago

I encountered a PDB which contained a type looking something like this:

ClassType {
    kind: Struct,
    count: 0x10,
    properties: TypeProperties(
        0x200,
    ),
    fields: Some(
        TypeIndex(0x5326),
    ),
    derived_from: None,
    vtable_shape: None,
    size: 0x5D00,
    name: RawString("_REDACTED_DATA"),
    unique_name: Some(
        RawString(".?AU_REDACTED_DATA@@"),
    ),
}

I noticed something weird about all structs containing this one: all of them had incorrect field offsets (calculated by me) and incorrect sizes. Upon further observation I noticed that the size had been truncated from 0xF5D00 to 0x5D00. This patch removes the integer truncation from classes/structs (tested) and from unions (untested) and changes their types to be u64.

landaire commented 3 years ago

I also realized MemberType::offset is provided by this crate, not by me, and is also wrong. I've fixed that as well. Might be worth it to audit count/length-based integers where parse_unsigned() is called and truncated for similar issues.