Courgette: Skip the relocs that live outside of the image.

BUG=517475 Review URL: https://codereview.chromium.org/1277583004 Cr-Commit-Position: refs/heads/master@{#342241}
author: sebmarchand <sebmarchand@chromium.org> 2015-08-06 17:20:44 -0700
committer: Commit bot <commit-bot@chromium.org> 2015-08-07 00:21:22 +0000
commit: 8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1 (patch)
tree: eca10a1cadfb4846e33aa5b7108cab95b7026a65 /courgette
parent: fcf7931116f308a93b4c408f223241bd3d43f41a (diff)
download: chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.zip
chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.tar.gz
chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.tar.bz2
2 files changed, 10 insertions, 0 deletions
diff --git a/courgette/disassembler_win32_x64.cc b/courgette/disassembler_win32_x64.cc
index 667b4e1..6f35ca5 100644
--- a/courgette/disassembler_win32_x64.cc
+++ b/courgette/disassembler_win32_x64.cc
@@ -264,6 +264,8 @@ bool DisassemblerWin32X64::ParseRelocs(std::vector<RVA> *relocs) {
       int offset = entry & 0xFFF;
 
       RVA rva = page_rva + offset;
+      // TODO(sebmarchand): Skip the relocs that live outside of the image. See
+      //   the version of this function in disassembler_win32_x86.cc.
       if (type == 10) {         // IMAGE_REL_BASED_DIR64
         relocs->push_back(rva);
       } else if (type == 0) {  // IMAGE_REL_BASED_ABSOLUTE
diff --git a/courgette/disassembler_win32_x86.cc b/courgette/disassembler_win32_x86.cc
index bb300d9..8490fcb 100644
--- a/courgette/disassembler_win32_x86.cc
+++ b/courgette/disassembler_win32_x86.cc
@@ -263,6 +263,14 @@ bool DisassemblerWin32X86::ParseRelocs(std::vector<RVA> *relocs) {
       int offset = entry & 0xFFF;
 
       RVA rva = page_rva + offset;
+      // Skip the relocs that live outside of the image. It might be the case
+      // if a reloc is relative to a register, e.g.:
+      //     mov    ecx,dword ptr [eax+044D5888h]
+      uint32 target_address = Read32LittleEndian(RVAToPointer(rva));
+      if (target_address < image_base_ ||
+          target_address > (image_base_ + size_of_image_)) {
+        continue;
+      }
       if (type == 3) {         // IMAGE_REL_BASED_HIGHLOW
         relocs->push_back(rva);
       } else if (type == 0) {  // IMAGE_REL_BASED_ABSOLUTE
author	sebmarchand <sebmarchand@chromium.org>	2015-08-06 17:20:44 -0700
committer	Commit bot <commit-bot@chromium.org>	2015-08-07 00:21:22 +0000
commit	8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1 (patch)
tree	eca10a1cadfb4846e33aa5b7108cab95b7026a65 /courgette
parent	fcf7931116f308a93b4c408f223241bd3d43f41a (diff)
download	chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.zip chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.tar.gz chromium_src-8b2dbe9cb7eb35e6944a3a2144fa01eee69a36c1.tar.bz2