glmcdona
commented
7 years ago Thanks for discovering this one! Will apply the above fix and give credits to you :)
Closed xchgrbprsp closed 7 years ago
glmcdona
commented
7 years ago Thanks for discovering this one! Will apply the above fix and give credits to you :)
evanpjensen
commented
7 years ago Ran into this issue today.
glmcdona
commented
7 years ago Thanks megastupidmonkey and wontonSlim. I've fixed this issue using your exact code megastupidmonkey, appreciate you taking the time to report and fix these issues. Feel free to submit push requests with the fixes as well, that way you can get official tracking of your contributions :) Working on your other bug now, will release a new built binary after I've got it fixed.
In
pe_header::process_disk_imagemethod, I see_header_pe64->OptionalHeader.ImageBase = (DWORD) _original_base;, which I believe is wrong since the ImageBase for 64bit header is indeed a 64bit value so it should be_header_pe64->OptionalHeader.ImageBase = reinterpret_cast<__int64>(_original_base);.I had this weird problem for a long time that the ImageBase is somehow truncated but I didn't realize it might be a bug. Now I think I found out what the problem was and it seems to be fixed by the change mentioned above.