Fix potential integer overflow

microsoft / Detours

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

MIT License

5.18k stars 1.01k forks source link

Fix potential integer overflow #182

Closed dtarditi closed 3 years ago

dtarditi commented 3 years ago

When injecting a DLL into a process, it is possible that the process memory has been corrupted. The values in the import table for the process could be incorrect, which could cause an integer overflow when calculating the size of the new import table. Add code to protect against this to UPDATE_IMPORTS_XX.

Microsoft Reviewers: Open in CodeFlow

AraHaan commented 3 years ago

o my so this been a thing for years?