Parsing win32 paths incorrectly

hasherezade / pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

https://hshrzd.wordpress.com/pe-sieve/

BSD 2-Clause "Simplified" License

3.01k stars 421 forks source link

Parsing win32 paths incorrectly #16

Closed CookedMorsel closed 6 years ago

CookedMorsel commented 6 years ago

@hasherezade in path_converter.cpp (line 97), in the std::string convert_to_win32_path(std::string path) function an assignment is done in place of a compare operator:

if (stripped_path[1] = ':') {

hasherezade commented 6 years ago

you are right, thank you for reporting!

hasherezade commented 6 years ago

The fixed binaries are available under "latest builds".